WordPress 101: What are user roles and how should we use them?
What are User Roles? The 6 different WordPress User Roles Explained
We know it can be confusing to assign user roles when you are new to WordPress and not sure what each role has access to. Below we’ve gone over what each roles capabilities include and tips on who should have this role.
Think of user roles just like you would think of roles in your company. You have the CEO, Accountant/C-Level Positions, Managers, Department Heads, Admins, and additional employees.
Super Admin = CEO: they have access to everything
Admin = Accountant/ C-level Positions: they have access to everything
Editor = Managers: they have access to all posts and pages, but no admin rights
Author = Department Heads: can create and publish posts, but can only edit his/her own posts
Contributor = Admins: can create posts and edit their own posts; they cannot publish posts
Subscriber = Additional Employees: only have rights to read posts
Super Admin (only for Multisite networks)
Role for: Owner, Webmaster, Person in charge of the websites
A super admin only apple to multisites – which means there are multiple WordPress sites that are connected on the same network. A super admin is able to control all the websites on the network as well as manage themes, plugins, users and more. If you have a multisite network the Super Admins are able to control what plugins Admins are able to install – Admins can only Activate/Deactivate the plugins. Here is a list of Super Admin capabilities as well as the capabilities of a normal admin:
- Create Sites
- Delete Sites
- Manage Network
- Manage Sites
- Manage Network Users
- Manage Network Plugins
- Manage Network Themes
- Manage Network Options
- Upgrade Network
- Setup Network
Administrator
Role for: Owner, Webmaster, Person in charge of the websites
An Admin (Administrator) has access to all the features in a single site. Admin is the role you are assigned when you first create your WordPress site. Typically there is one person who is assigned the admin role because they are able to access all the functions. The capabilities of an admin are:
- Edit Dashboard
- Edit/Publish/Delete Anyones Pages
- Edit/Publish/Delete Anyones Posts
- Edit/Delete Private/Published/Draft Pages
- Edit/Delete Private/Published/Draft Posts
- Edit/Delete Published Pages
- Edit/Delete Published
- Edit Theme Options
- Export
- Import
- Add/Edit/Remove Users
- Manage Categories
- Manage Links
- Manage Options
- Moderate Comments
- Promote Users
- Read Private Pages/Posts
- Switch Themes
- Upload Files
- Customize
- Delete Site
- Install/Update/Edit/Change/Delete Themes
- Install/Edit/Delete/Update/Activate/Deactivate Plugins
Editor
Role for: Website Editor, Marketing Coordinator, Content Editor
The editor is in charge of managing content, so they have a high level of access. They can create, edit, and delete pages and posts even those created by other users. Here is a list of editor capabilities:
- Publish/Edit/Delete Anyones Pages
- Publish/Edit/Delete Anyones Posts
- Edit/Delete Private/Published/Draft Pages
- Edit/Delete Private/Published/Draft Posts
- Manage Categories
- Manage Links
- Moderate Comments
- Read all posts/pages
- Upload Files
Author
Role for: Content Creator, Website Creator/Admin
The Author role is for someone to create content; they cannot edit pages or other users’ content. They do not have any administrative capabilities.
- Delete Posts
- Edit Posts
- Publish Posts
- Upload Files
- Read
Contributor
Role for: New Content Creator, Website Creator/Admin, One Time Content Creator
The Contributor Role can write and manage their own posts but cannot publish them to the website.
- Delete Posts
- Edit Posts
- Create posts
- Read
Subscriber
Role for: Follower, Subscribed Follower
A subscriber is only able to read all the posts on the website and edit their own profile. Typically anyone can read posts on a website, but this is a great role for subscription based websites that give additional information to those subscribed to the website.
- Edit their own profile
- Read posts
For security reasons the best thing to do when creating new users is only give them the amount of access they need – this way nothing gets deleted/changed without approval.
Limit the number of users that have the top roles – start from the lower roles because you can always assign added access later one. If you have a new content creator add them as a contributor and they can be assigned as an author once you view their consistent work.
Additional Tip:
If you need to customize your roles you can use a plugin like the one listed in this article Extend User Role Capabilities.