Documentation

Bot Management

Manage RestoreCord custom bots, including credentials, validation, Discord presence, custom domains, guild access, restarts, and deletion risk.

Copy page

Overview

Every RestoreCord server uses a custom Discord bot for verification, member pulls, role assignment, snapshots, slash commands, and Discord API access. Keep the bot healthy before changing server settings or running recovery operations.

Bot tokens and client secrets are sensitive credentials. Anyone with access to them can control the Discord application. Regenerate exposed credentials in the Discord Developer Portal and update RestoreCord immediately.

Open Bot Management

1

Go to Bots

Open the RestoreCord Dashboard and select Bots in the dashboard sidebar.

2

Pick the bot

Each bot card shows its Discord username, client ID, live status indicator, and actions. Click Manage to edit a bot, or Invite Bot to authorize it into a Discord server.

3

Review shared access

Bots shared through sub-user access can appear in the list without exposing their token. Shared users can only perform actions allowed by their server permissions.

Bot Health

RestoreCord validates the bot against Discord before showing it as ready. A valid bot should have a working token, client ID, client secret, public key, and OAuth redirect URL.

Bot card preview

Matches the bot list layout used in the dashboard.

RC

RestoreCord Bot#0001

Shared

RestoreCord Bot • 123456789012345678

Health signal
Valid bot identity
What to check
The bot can be fetched from Discord and shows the expected username and avatar.
Health signal
Online status
What to check
The status indicator confirms RestoreCord can connect the bot to Discord.
Health signal
Redirect URL valid
What to check
Discord OAuth2 contains the current callback URL, usually https://restorecord.com/api/callback or your custom domain callback.
Health signal
Server access
What to check
The bot is invited to every Discord server where you verify, pull, or restore members.

Credentials

The bot edit page validates credentials while you work. Use the visibility button only when you are in a private environment.

Bot Token

The bot token authenticates RestoreCord to Discord as your bot. If the token changes in Discord, paste the new token into RestoreCord and save before running server operations.

Client Secret

The client secret is used for OAuth verification. If the secret is reset in Discord, update it in RestoreCord so members can continue authorizing.

Redirect URL

The redirect URL shown in RestoreCord must exist in the Discord Developer Portal under OAuth2. Copy the exact URL from the bot edit page when the dashboard marks it invalid.

When a bot uses a custom domain, the redirect URL changes to that domain plus /api/callback. Add that domain callback in Discord before switching traffic to the custom domain.

Presence

Presence controls how the bot appears in Discord. This does not change permissions, but it makes the bot feel active and recognizable to members.

Setting
Status
Available values
Invisible, Online, Idle, or Do Not Disturb.
Setting
Activity type
Available values
None, Playing, Watching, Listening, or Competing.
Setting
Activity text
Available values
Optional custom text up to the dashboard limit. Invisible status clears the activity text.

Custom Domain

A custom domain gives members a branded verification URL and changes the OAuth callback used by the bot. Domain setup is handled from the bot's advanced settings.

1

Add the domain

Open the bot's advanced settings and start the custom domain flow. Enter only a domain you control.

2

Configure DNS

Follow the DNS records shown in the dashboard. Keep the dashboard open until the domain status moves out of pending.

3

Update Discord OAuth

Add the custom-domain callback URL to the Discord Developer Portal for that application.

Do not remove the old callback from Discord until the custom domain is active and tested. This avoids breaking active verification links during the transition.

Guild Management

The bot guild manager shows Discord servers where the bot is installed. Use it to audit unexpected installs or remove the bot from servers you no longer manage.

  • Invite the bot to every destination server before pulling members or restoring a snapshot.
  • Keep the bot role above every role it needs to add or remove.
  • Only remove the bot from a server after you are sure no verification, migration, or snapshot operation still depends on it.

Restart and Delete

Action
Restart Bot
Expected result
Reconnects the bot service to Discord. Use after credential updates, Discord connection issues, or permission changes.
Action
Delete Bot
Expected result
Removes the bot from RestoreCord. If servers still depend on it, the dashboard can return a server list that must be handled first.

Deleting the wrong bot can break verification and recovery for every server attached to it. Confirm attached servers before deleting.

Operating Practices

  • Use a dedicated Discord account for bot ownership, not your personal primary account.
  • Keep Discord 2FA enabled when your server requires 2FA for moderator actions.
  • Save credential changes during a quiet period, then test verification with a staff account.
  • Document which RestoreCord servers depend on each bot before rotating credentials.
  • Use custom domains only after DNS and OAuth callbacks are both confirmed.

Next Steps

Secure Bot

Harden the Discord account and application that own the bot.

Create a Server

Attach the bot to a new RestoreCord server configuration.