> ## Documentation Index
> Fetch the complete documentation index at: https://docs.wcr.is/llms.txt
> Use this file to discover all available pages before exploring further.

# User roles and permissions in WeCareRemote

> WeCareRemote has two user roles — blog (refugee users) and org_admin (NGO administrators) — each with different access levels across the platform.

WeCareRemote assigns every account a role that determines what you can see and do on the platform. Your role is set when your account is created and is encoded in your JWT token on every login. There are two roles: `blog` for refugee users and `org_admin` for NGO administrators.

Roles are intentionally simple. WeCareRemote optimises for clarity over granularity — the two roles map cleanly to the two real-world audiences the platform serves, and every feature is reachable from one or the other without requiring complex permission matrices.

<Tabs>
  <Tab title="Refugee user (blog)">
    **Who this is:** Refugees accessing services, information, and support through WeCareRemote.

    With the `blog` role you can:

    * Chat with the AI assistant to get information and request support
    * Read blog posts and resources published on the platform
    * Join video meetings with NGO staff
    * View content and navigation tailored to your logged-in state

    **Blog access:** Standard content is available to you after login. The page header and navigation update automatically once you are signed in, showing options relevant to refugee users.
  </Tab>

  <Tab title="NGO admin (org_admin)">
    **Who this is:** Staff members at NGO partner organizations who manage services and content on WeCareRemote.

    With the `org_admin` role you can do everything a refugee user can do, plus:

    * Publish and manage blog posts and resources
    * Access elevated administrative features in WordPress
    * View org\_admin-specific menu items and headers across the platform

    **Elevated permissions:** The `org_admin` role grants broader access to content management tools. The platform header and navigation menus reflect your elevated role as soon as you log in.
  </Tab>
</Tabs>

## Checking your role

Your role is returned in the JWT token verification response under the `permissions` array. To see your current role, verify your token at `POST https://getme.global/api/v1/wordpress_auth/verify_jwt_token` and inspect the response:

```json theme={null}
{
  "permissions": ["org_admin"]
}
```

A refugee user account returns:

```json theme={null}
{
  "permissions": ["blog"]
}
```

For full details on verifying your token, see [JWT tokens](/authentication/jwt-auth).

## Role-based content

The blog header and navigation menus adapt automatically based on your login state and role. You do not need to configure anything — the platform detects your role from your token and adjusts what you see.

| State                    | What you see                                         |
| ------------------------ | ---------------------------------------------------- |
| Logged out               | Public header with general navigation                |
| Logged in as `blog`      | Refugee user header with service and chat links      |
| Logged in as `org_admin` | Admin header with content management and admin links |

## Permission matrix

| Action                            | `blog` (refugee) | `org_admin` (NGO) |
| --------------------------------- | ---------------- | ----------------- |
| Read public blog content          | ✅                | ✅                 |
| Read role-restricted blog content | ✅                | ✅                 |
| Chat with the AI assistant        | ✅                | ✅                 |
| Join a video meeting              | ✅                | ✅                 |
| Start a video meeting recording   | ❌                | ✅                 |
| List meeting recordings via API   | ❌                | ✅                 |
| Publish or edit blog posts        | ❌                | ✅                 |
| Access WordPress admin            | ❌                | ✅                 |
| Manage menus and role visibility  | ❌                | ✅                 |

If you receive a `403 Forbidden` response from the API or a "permission denied" message in the platform UI, the most likely cause is that your role does not include that action.

<Note>
  Your role is assigned when your account is created. If you need your role changed — for example, to gain org\_admin access — contact WeCareRemote support at [wcr.is/home](https://wcr.is/home).
</Note>
