Understanding User Roles and Capabilities in WordPress


WordPress User Roles Explained

One important feature that WordPress makes easy is allowing additional users to access your site intelligently.

You might want to let a number of different kinds of people access your site: an outside contractor who’s there to fix things, a content specialist or SEO expert to tweak your existing copy, or another contributor. Whatever the reason, it’s best to give each additional party his or her own account. WordPress’s user accounts and roles functionality makes that easy.

It’s important to understand how the different roles and capabilities in WordPress work. This will help you keep your site secure by avoiding giving away too much access to your site. It can also help you avoid wasting time by giving too little access and preventing your collaborators from working effectively.

The Main WordPress User Roles

In this section, we’re going to look at the most important user roles:

Administrator — The “Do Everything” Role

In most cases, this is the user role you have on your own WordPress site. Users with this role you can do anything on the site. This includes creating other user accounts with the administrator role, as well as publishing, editing, and deleting all content. Assigning this role to all other users isn’t a good idea as one administrator can remove other administrators and allow other people access to the site. By assigning this role to the wrong person, you could end up locked out of your own site! While it might seem convenient to give someone the administrator role as you won’t need to determine if they have sufficient access to do what they need to, it’s not a good idea unless totally necessary.

Important capabilities of the administrator role include:

  • Activate plugins
  • Activate themes
  • Edit WordPress files
  • Delete any post or page
  • Create and delete users

Editor — The total editorial control role

The editor role can be given to trusted users who need the ability to publish their own posts, as well as that of other users. As this role can also delete or edit other user’s posts or pages, they have a lot of control over what is published on your site. This role lacks the ability to change the theme or plugins used on the site, making it ideal for those who are overseeing other user’s contributions to the site, without the need to edit the appearance of functionality of the site.

Important capabilities of the editor role include:

  • Create posts and pages
  • Delete any post or page
  • Edit any post or page
  • Publish any post or page
  • Upload files

Author — For people creating content

This role is a suitable choice for anyone who needs to add new posts to your site, including the ability to upload files such as images for use in their articles. An important point to take into consideration when assigning this role to a user is that they have the ability to publish their own posts. This gives them a lot of control over what content goes live on your site and is visible to your audience.

Important capabilities of the author role include:

  • Create posts
  • Publish their own posts
  • Delete and edit their own posts (including published posts)
  • Upload files

Contributor  — For writers who don’t need to ever use images

The contributor is a good role to give to someone who you are not quite ready to let have the ability to publish content on the site. Users with this role can create a new post, which they can then mark as ready for review by a user with the administrator or editor role, who can then publish it. Contributors cannot edit or delete their posts once they’ve been published. This means they have no control over what goes live on your site or the ability to change anything that’s already been published. However, the main downside of this role is that they cannot upload images to the site for use in their posts.

Important capabilities of the contributor role include:

  • Create posts
  • Delete and edit their own posts (not including published posts)
  • Cannot upload files including images

Conclusion

There are a few other capabilities and roles in WordPress, but the four above are the core that you must know about to make an informed decision on what role to assign anyone working with you on your site. To get a sense of the full list of capabilities in WordPress — or maybe just give yourself a headache — check out the official Capability vs. Role Table.

If you are unsure which role to assign a new user, it’s good practice to select the least capable option. You can always upgrade the user’s role at a later date if required, but assigning too many capabilities could create problems.

Thanks for reading!

One thought on “Understanding User Roles and Capabilities in WordPress

  1. Pingback: How to Add Users to your WordPress Site – A Step-by-Step Walkthrough | WP Business Tips

Leave a Reply

Your email address will not be published. Required fields are marked *