I am guessing that since you don’t know if a user is a moderator without them authorizing the extension (Moderator role documentation request), you can simply decode the JWT and check if the role in the payload is of type “moderator”. If anyone can confirm that, would be appreciated, but I will test it and resubmit if it is working for me.