Working With WordPress User Roles and Capabilities

Working With WordPress User Roles and Capabilities • WPShout

There are a few things that you must understand about user roles and capabilities to be an effective administrator of a WordPress site: things like what a user is, how you make a new one, and what you’d make users for. There’s lots of value in covering those things, but our goal today is to really get a solid understanding of how the whole WordPress user management and role system works conceptually, and to cover a few of the most important ways of modifying it.

The Basics of a WordPress User

Every account that can log into a WordPress site represents a “user,” and every WordPress user has a “role.”

Every account that can log into a WordPress site represents a “user.” That is, every “login” — a username-password pair — is a unit of credentialing in WordPress. These user accounts are the authors of posts, pages, media, etc. As the administrator of a WordPress site, you can create new users at will, by going to “User > Add New” in the administration sidebar. You should, generally, create a new user for each person who you want to log in to your site.

You may also have realized something else about WordPress’s authorization system: each WordPress user has a “role.” You have to select it on the page where you create a new account.

WordPress Default User Roles

Out of the box, WordPress comes with the following roles:

  • Super Administrator: This is a multi-site-network-only role. It is, as the name suggests, a more powerful version of an Administrator. A Super Admin can not only change and control a single WordPress site as an Administrator, but can change who has access to specific sites in a network. A fancy thing to call this role would be “WordPress Multisite Keymaster.” But I can see why they went with “Super Admin” instead ?
  • Administrator: This is the role you probably use to log into your own WordPress site. It’s what WordPress makes the first user on a site by default, and it’s the most powerful role in the arsenal. If an “Administrator” can’t do it out of the box on a WordPress site, it can’t be done by anyone. Install plugins, change themes, make users, make posts, etc, etc.: all in the Administrator’s control.
  • Editor: This is the next most powerful role. You can do all the necessary post- and media- authoring and editing things you can imagine, but you can’t make a new user, or add a new plugin, or do anything that changes how the site functions.
  • Author: Another step down from an Editor, the Author role can only change their own posts and media. They can’t make changes to those of other users on the site.
  • Contributor: Contributors can edit their own posts, delete unpublished posts they made, and read the site. That’s it. They can’t even publish their own posts.
  • Subscriber: The Subscriber



This article was written by David Hayes and originally published on WPShout.

Disclosure: Some of the links in this post are "affiliate links." This means if you click on the link and purchase the product, We may receive an affiliate commission.

Leave a Comment

Your email address will not be published. Required fields are marked *

Show Your ❤️ Love! Like Us
Scroll to Top