Beginner Guide to WordPress User Roles

Beginner Guide to WordPress User Roles

If you are a site owner or are even remotely linked with WordPress, it is best to learn about WordPress user roles.

WordPress uses the concept of user roles, which gives its users limited permission to do a specific task. By assigning roles to the users, the site owner can control the users’ activities on the site.

Today, we present you with the beginner’s guide to WordPress User Roles. By the end of this guide, you will have a clear understanding of the types and the capabilities of the user’s roles.

What Is WordPress User Roles?

In simple words, WordPress user roles are the designation for each user. These actions are known as capabilities.

There are six leading user roles on WordPress.

  1. Administrator
  2. Editor
  3. Author
  4. Contributor
  5. Subscriber and
  6. Super Admin

Each of these user roles has a predefined set of capabilities. We will discuss them in detail below.

Types of WordPress User Roles

As mentioned above, there are six different user roles by default. Understanding the capabilities of each role ensures effective team coordination. Moreover, it also helps protect your site. Let’s move into the details of each role.

1. Administrator

The ‘Administrator’ is the primary WordPress user role. You automatically get this role when you install WordPress. The administrator is at the top of the user role hierarchy (unless you run a Multisite installation, which we will discuss later).

There is only one administrator per site in most of the cases. An administrator can access and control all the functions in the WordPress backend.

Here is an example of how the Administrator dashboard looks like:

Capabilities of the Administrator role:

  • Activate plugins
  • Delete pages
  • Delete posts
  • Delete others posts
  • Delete others pages
  • Delete private posts
  • Delete private pages
  • Delete published pages
  • Delete published posts
  • Edit dashboard
  • Edit others posts and pages
  • Edit pages
  • Edit posts
  • Edit private posts and pages
  • Edit published page and posts
  • Edit theme options
  • Export
  • Import
  • List users
  • Manage categories
  • Manage links
  • Manage options
  • Moderate comments
  • Promote users
  • Publish pages and posts
  • Read private posts and pages
  • Create reusable blocks
  • Edit reusable blocks
  • Delete reusable blocks
  • Remove users
  • Switch themes
  • Upload files
  • Upload files
  • Delete site
  • Update core
  • Install plugins
  • Update plugins
  • Edit plugins
  • Delete plugins
  • Install themes
  • Update themes
  • Edit themes
  • Delete themes

As the administrator has access to full control, it’s not best to assign this role to anyone else. In case you do, keep in mind that you are voluntarily giving them the blueprint of your castle. So please be careful.

2. Editor

Users with the ‘Editor’ WordPress user role have full control over the content section of your website. An editor is generally the head for managing the content. This role gets a high level of access to WordPress and can create, edit, delete, and publish pages and posts. An editor is responsible for looking after the work of authors as well as other contributors.

Here is how an editor’s dashboard looks like in WordPress:

Following is the detailed list of an editor WordPress user role:

  • Edit others pages and posts
  • Delete other’s pages and posts
  • Edit private pages and posts
  • Delete private pages and posts
  • Edit published pages and posts
  • Delete published pages and posts
  • Edit pages
  • Edit posts
  • Delete pages and posts
  • Create reusable blocks
  • Delete reusable blocks
  • Manage categories
  • Manage links
  • Moderate comments
  • Publish posts and pages
  • Read private posts and pages
  • Upload files

However, the editor cannot:

  • Add plugins
  • Edit the theme
  • Install updates
  • Make site-wide changes
  • Add new users.

3. Author

Author WordPress user role is able to create, edit, and publish and delete their posts. While authors are writing their posts, they cannot create their own categories.

Here’s what the author WordPress user role has access to:

  • Upload files
  • Read
  • Publish posts
  • Edit posts
  • Edit published posts
  • Delete posts
  • Delete published posts
  • Create reusable blocks
  • Read reusable blocks
  • Edit own reusable blocks
  • Delete your own reusable blocks.

The author cannot:

  • Edit the posts and pages of other users
  • Exercise administrative capabilities
  • Approve, Moderate, or Delete any comments
  • Add/Change/update the theme settings and plugins.

4. Contributor

The contributor WordPress role is a stripped-down version of the WordPress author role. Contributors are capable of adding new posts and editing only their content. They cannot create separate categories. Like the authors, contributors also have to choose from the existing categories.

However, they are capable of adding tags to their posts. Below is the list of the contributor’s role in WordPress:

  • Contributors can create and edit their posts.
  • They can add tags to their posts.
  • They can delete their posts.
  • They can read other posts.
  • They can read reusable blocks.
  • They can view comments.

Now here is the list of things contributors cannot do in WordPress:

  • They cannot edit other posts.
  • They cannot create their own categories.
  • They cannot upload files.
  • They cannot delete or approve comments.
  • They cannot change/edit/update theme settings and plugins.

5. Subscriber

Subscriber is at the bottom of the WordPress user role’s hierarchy. Their WordPress dashboard is generally bare. Users with the subscriber role are able to read all the posts on the website and update their existing user profiles. If they want, they can change their login passwords.

Besides these two, Subscribers are not capable of doing anything else in WordPress.

When you think about it, everyone can read the posts without a dedicated role designation. This is why not all site owners use this option. But in case you want to set up a subscription-based website, this user role comes in handy.

6. Super Admin

This user role only applies to a multisite network. The capabilities of the super admin capabilities are similar to that of the single site administrator, as mentioned above. However, super admin also enjoys a few other capabilities in a Multisite network such as:

  • Creating websites
  • Delete websites
  • Managing websites
  • Setting up the network
  • Managing network
  • Managing network users
  • Managing network themes
  • Managing network plugins
  • Managing network options
  • Upgrading network.

Likewise, in case of a multisite network, the following capabilities are transferred to super admins instead of the administrator:

  • Updating core
  • Installing themes
  • Updating themes
  • Editing themes
  • Installing plugins
  • Updating plugins
  • Editing plugins
  • Deleting themes
  • Deleting plugins
  • Editing files
  • Adding users
  • Editing users
  • Creating users
  • Deleting users.

Importance of WordPress User Roles

Now you know the type of WordPress user roles. In this section, we will talk about the major benefits of WordPress user roles.

1. Secure Website

Giving proper WordPress user roles ensures that the users don’t have unnecessary capabilities to tamper with the website. Likewise, only a trusted user can make the necessary changes.

2. Proper Workflow

WordPress user roles assign predefined responsibilities and capabilities to the users. This ensures that the users are able to do the work that is expected from them. For example, assigning an author role to a user gives them access to only create WordPress posts and nothing more.

3. Better Coordination

WordPress user roles designate specific tasks to specific individuals. Doing so eliminates the confusion of work and promotes better coordination. For example, the author’s role designates users to write and edit their own posts. Editors can edit the posts of every user.

How To Use WordPress User Roles Effectively?

We are confident that you now know the various types of WordPress user roles along with their detailed capabilities. However, that is not enough for a successful website. You should also know how to use and assign those user roles effectively.

Below are some tips that will help you make the best use of WordPress user roles:

1. Provide limited access to each user:

This will ensure better security of your site. Users cannot make changes that they are not assigned. This will also prevent accidental changes to the content.

2. Keep the top-level users limited:

Stick with only one administrator and a few trusted editors. You can assign the author’s role to the regular content creators, while one-time users can be contributors.

3. Use WordPress User Roles Plugin

Manual alterations are useful to edit user roles. However, WordPress user role plugins will enhance the functionality of WordPress. It will also take less time to make changes. You can even create your own user role, edit the existing ones, and do much more.

Customizing Default User Roles

The roles that we discussed above have a predefined set of capabilities. These capabilities are designed to fit the needs of most WordPress sites.

Let’s say that you run a magazine website. You can be the administrator. You can then assign the ‘Editor’ role to the senior staff members and the ‘Author’ role to the junior staff members. Likewise, you can designate the ‘Contributor’ role and ‘Subscriber’ role to guest authors and site visitors, respectively.

Each will have a predefined set of capabilities on your website. But what if you want to edit their capabilities?

For example, users with the ‘Author’ role are allowed to publish as well as delete their posts. You might want to remove the capability that allows the authors to delete their posts for some reason. There are many other modifications that you might want to make.

So, here is how you can customize the existing user roles in WordPress:

  • Install one of the WordPress user role plugins. We recommend the Capability Manager Enhanced plugin because it is easy to use and activates multiple functionalities.
  • Login to your WordPress dashboard.
  • Go to Plugin and then click on Add New.
  • You will find a search bar on the top right. Type “Capability Manager Enhanced.”
  • Click on ‘Install’ to install the plugin.
  • Head to the Settings.
  • On the left sidebar of your admin panel, you will see Capability Manager Enhanced. Click on it.
  • Click on ‘Activate’ to activate the plugin.
  • Select the role you want to edit from the top right corner.
  • Click on the ‘Load’ button.
  • The plugin will load the capabilities associated with that user role on the left side of the screen.
  • Now all you need to do is check on the capabilities that you want to assign to that user role. Leave the box unchecked for those capabilities you want to disable.
  • Once you are satisfied, scroll down to the bottom of the page and click on the ‘Save’ button.
  • You are done!

How To Create WordPress Custom User Roles

You can also create WordPress custom user roles using the WordPress User Roles Plugin.

  • Login to your WordPress dashboard.
  • Go to Plugin and then click on Add New.
  • You will find a search bar on the top right. Type “Capability Manager Enhanced.”
  • Install and activate the plugin.
  • Go to the settings and click on Capability Manager Enhanced.
  • Go to the top right corner and click on ‘Create New Role.’
  • Give the name for the user role you want to create.
  • Now go the left side and check on the capabilities you want to assign to that user role you just created.
  • Scroll down to the bottom and click on the ‘Save’ button.
  • Done!

Frequently Asked Questions

Q. Where are WordPress user roles stored?

Every WordPress has a username, password, email ID, and roles. WordPress stores the user roles and their capabilities in its database. It is located in the wp_options table under wp_user_roles option.

Q. Which is the highest privileged WordPress user role?

By default, the ‘Administrator’ is the highest privileged WordPress user role. It has a level of 10. Likewise, the ‘Subscriber’ is the lowest privileged WordPress user role. It has a level of 0 in WordPress.

Wrapping Up

The key to a successful website is clearly defining each team member’s roles and responsibilities. Fortunately, WordPress offers an easier and built-in way to do that. First, understand the WordPress user roles and then take advantage of the feature. We recommend that you assign top-level roles to only a few users. This assures better handling of your website.

If you want to learn more useful articles regarding WordPress, check out the How to Disable User Registration in WordPress.

Related Articles

Leave a Reply