Skip to content

Glossary

Status Stable · Last verified 2026-07-11 · API v10 · Source API reference

Definitions of the terms used across the atlas. Terms in bold inside a definition have their own entry.

A web app embedded inside the Discord client (games, watch-together, tools), built with the Embedded App SDK and communicating over RPC/voice.

An object on a message payload (allowed_mentions) controlling which mentions actually ping. Set it to avoid accidental @everyone/role pings.

The top-level entity registered in the Developer Portal. Owns the Application ID, Public Key, OAuth2 credentials, commands, install config, and optionally a bot.

A registered command users invoke: slash command (CHAT_INPUT), user command, or message command.

A field on an interaction mapping each installation context to its owner: key "0" → guild ID (guild-install), key "1" → user ID (user-install).

An automated user attached to an app, authenticated with a bot token, that connects to the gateway and acts via REST.

The secret used in OAuth2 token exchange. Server-side only; never exposed to clients.

An opt-in message system (flag IS_COMPONENTS_V2, 1 << 15) that builds messages from components (Text Display, Container, Section, Media Gallery, Separator) instead of content + embeds. Irreversible per message once set.

Discord’s Audio & Video End-to-end Encryption protocol for calls; mandatory since 2026-03-01.

A structured, boxed content block in a message (title, description, fields, image, etc.). ≤10 per message, ≤6000 characters total.

Discord’s persistent WebSocket connection delivering real-time events, filtered by intents.

Discord’s internal name for a server.

A bitflag declared at connect time selecting which gateway events you receive. Three are privileged: GUILD_MEMBERS, GUILD_PRESENCES, MESSAGE_CONTENT.

Any user invocation of your app (command, button, select, modal). Must be acknowledged within 3 seconds; the interaction token stays valid ~15 minutes for follow-ups.

Your HTTPS URL that Discord POSTs interactions to. Requires Ed25519 signature verification against the app’s Public Key.

Where an app is installed: guild-install (GUILD_INSTALL, 0) or user-install (USER_INSTALL, 1).

The authorization framework for authorizing users and installing apps, using scopes.

A bitfield governing what a member/bot may do in a guild/channel, combined with role permissions and channel overwrites.

An intent exposing sensitive data, gated by Discord (portal toggle and/or review). See Intents.

An app’s Ed25519 public key (not secret) used to verify inbound interaction requests.

Caps on request frequency, per-route and global (REST) or per-connection (gateway). Read the response headers; never hard-code the numbers.

Discord’s HTTP resource API at https://discord.com/api/v10.

A permission requested during OAuth2 (e.g. identify, bot, applications.commands).

Splitting a bot’s guilds across multiple gateway connections; required past ~2,500 guilds.

A CHAT_INPUT application command invoked by typing /name.

A 64-bit, time-sortable unique ID used for every object (guild, channel, user, message).

The secret authenticating a bot (Authorization: Bot <token>). Full control; rotate if leaked.

A per-channel URL you POST JSON to, to send messages. Post-only; the URL is a secret. See Webhooks.