End-to-End Encryption (E2EE) ensures that only message senders and recipients can read the contents of messages and files. Rocket.Chat enhances security by supporting E2EE for private rooms, teams, discussions, and direct messages.
These settings allow workspace administrators to configure the default behavior of E2EE across the workspace. Adjust them according to your organization’s privacy, usability, and compliance requirements.
Important considerations before enabling E2EE
Encrypted messages will not appear in search results.
Encrypted content cannot be audited or monitored.
Bots may be unable to access encrypted messages unless they explicitly support E2EE.
Found a bug? Please report it to Rocket.Chat.
Accessing the E2EE settings
To enable this feature, a workspace administrator must activate End-to-End Encryption in the workspace settings.
To access this setting, go to Administration → Workspace → Settings → End-to-end encryption.
Field | Description |
|---|---|
End-to-end encryption toggle | Enables E2EE across the workspace. When turned on, users can create encrypted rooms and enable encryption in direct messages, discussions, and private channels. |
Unencrypted messages in encrypted rooms | Allows users to send plain text messages in encrypted rooms. These messages will not be encrypted. |
Encrypt direct messages | Automatically enables encryption by default each time a new direct message room is created. |
Encrypt private rooms | Automatically enables encryption by default when creating private channels, private teams, or discussions. |
Encrypt files | Encrypts uploaded files sent in encrypted rooms. This is affected by the file upload settings. Encrypts uploaded files that are shared inside encrypted rooms. File behavior may also be affected by your File Upload settings. |
Mentions | Allows mentions ( |
Restore defaults | Resets all E2EE-related settings on this page to their original defaults. Use with caution. |
Next steps
After configuring workspace-level settings:
See the End-to-End Encryption User Guide for instructions on using E2EE in conversations.
For a deeper technical explanation of key generation, encryption mechanisms, and client behavior, refer to the End-to-End Encryption Specifications document.