How to Master WordPress User Roles
The WordPress User Management System includes 6 different user roles the website owner can assign to the members of his/her team.
If there’s one single person managing the website, there’s no need to create multiple user roles.
However, for a team, assigning appropriate roles to users means a coherent workflow and better communication among team members. Also, giving correct user permissions ensures a better security for the website and its backend.
First, let’s see where and how to create a new user role.
How to Create and Assign New User Roles in WordPress
Login to the WordPress Admin dashboard with the username and password you used to create your account.
In the left-hand menu, go to Users.
- If you click on “All Users”, you’ll be taken to the table where all current user members are listed.
As you can see, it’s possible to change the current role of a user to a different one, upon previous selection of the respective user in the Users table.
- If you click on “Add New”, you’ll be taken to a form you have to fill in with the new user details, to create that user profile.
You have to specify the following:
- Username (required) – this will be used by the respective team member to login to their WordPress dashboard.
- Email (required) – this is the email corresponding to that person you are creating a new user role for.
- First Name – first name of the person
- Last Name – last name of the person
- Password – generate a password that person will use to login to their WordPress dashboard
- Send User Notification – check the checkbox to enable sending a notification email to the new user about the account being created
- Role – click on the drop-down menu to select the role you wish to assign to the new user. You have to choose among: Administrator, Editor, Author, Contributor, Subscriber. If the website represents an online shop, two additional roles will be available for new users: Shop Manager and Customer.
Click on the Add New User button to actually create the new user account.
- If you click on “Your Profile”, you will be taken to a dashboard where some additional customizations of the new user profile are possible.
Now that you know how to create a new user account, let’s see what the particularities of each WordPress user role has. Depending on them, the new user will have extended or limited capabilities to make changes in the website.
WordPress User Roles Explained
The Administrator has full control over the website. He/She has the possibility to manage site settings, content in the website, and user roles.
They manage other users, including other administrators. They can create new user accounts, edit or delete them.
They are able to add, activate or remove themes for the WordPress website, and thus, make modifications into the website.
They can add, activate or delete plugins for the website.
They are responsible for the management of the content published on the website. They have access to posts and pages, they can add posts and pages, edit them or delete them completely. Also, they can add categories and tags and assign them to posts, accordingly.
They can manage menus of the website and widgets, as well.
They are capable of editing code for the website and implement additional CSS for advanced customizations to the website pages.
They can install updates for the website, such as WordPress upgrades, new versions of themes or plugins.
They can create backups for the website.
They have full control over security and privacy related to the WordPress website.
This is how the WordPress dashboard of an Administrator looks like:
This user role is specific to multisite networks. Super Admins are responsible for the entire network. When there is a Super Admin account activated, the normal Admin roles have limited capabilities, as compared to their usual capabilities.
Super Admins can add or delete sites.
They have full access to site settings, and they can manage them, from themes and plugins to content and user roles.
They have full control over the content that is produced for the sites.
The Editor role has limited capabilities; however, they have full control over content within the website.
This role is destined to users that are responsible with the content in a website. They can manage content: adding articles, editing articles of theirs or articles of others, deleting articles. This is also valid for pages.
Alongside managing posts and pages, Editors can moderate comments (read, approve, delete, edit comments to posts).
They can manage categories for posts, both adding new categories and editing existing categories.
They can manage tags for posts, both adding new tags and editing the existing list of tags.
They cannot manage user roles for other members of the team. They do not have access to site settings, so they cannot make modifications to the code, or themes, or plugins.
They have no access to widgets; thus they cannot manage them.
Here’s how the WordPress dashboard looks like, for an Editor:
A user with Author role can manage only his/her own posts (create and save them as drafts, edit, publish, delete their own content). They can also upload and add media to their posts.
They cannot edit or delete posts written by others.
They can upload files (e.g. images) and delete what they have previously uploaded.
They cannot create new categories, but they can choose from the existing categories and they can add tags to their posts.
They do not have access to site settings, neither can they manage themes or plugins for the website.
They can view comments, but they cannot moderate them (approve, delete, etc.).
This is a low-risk role, as Authors cannot make modifications to the website. They only have control over their own content.
This is the dashboard of an Author:
This role is even more restricting than the Author role.
A Contributor can add, edit or delete their own posts, but they cannot publish them, waiting for reviews from other users with extended capabilities.
They can read all posts, independently of who writes them.
They can view all comments, but they cannot moderate them (approve, edit or delete them).
They cannot add images or upload other files to their posts, which is quite restrictive.
They cannot create categories; however, they can choose from existing categories. Instead, they can add tags to their posts.
The Contributor role is appropriate for guest authors, who are sporadically contributing to the website content and don’t need to constantly publish articles on the website.
They don’t have access to site settings, consequently, they cannot manage themes or plugins.
Below is the WordPress dashboard corresponding to a Contributor:
A Subscriber can only login to the WordPress dashboard and update his/her profile or change his/her password.
This role is useful for subscription-based websites, and when one has to login to view a post or leave a comment.
Subscribers have no rights to manage content within the website (they cannot create, edit, publish or delete any posts or pages).
Also, subscribers have no rights to manage site settings, themes and plugins.
This is how the WordPress dashboard appears to a Subscriber:
The Shop Manager role concerns online shops.
This WordPress user role is given to someone who’ll manage the online shop, without him/her having Admin capabilities. They can modify WooCommerce settings, and they can add/edit products.
The Customer role concerns online shops, as well.
The Customer role is given to anyone who registers using the signup option, or the checkout. A user with Customer role has the possibility to edit his/her profile, view orders and order history. The capabilities of a Customer are similar to those of a Subscriber.
That’s it. The full list of user roles one can create and assign to team members, depending on their responsibilities for the website.
In addition, we should mention that, with the help of a plugin, the distribution of capabilities assigned to a certain user role can be customized according to the website owner’s decision. For this doing, you can use the Capability Manager Enhanced plugin.
Are you ready to start configuring WordPress user roles?