The WordPress content management system (CMS) includes user roles, controlled by the website admin. Each role has varying access to perform tasks within the CMS. These tasks, called capabilities, include creating pages, publishing posts, and changing settings.
It is important for every website owner to understand the differing WordPress user roles. Roles allow you to give the right access to the right person. For example, you might want a user to be able to contribute to blog posts, but not be able to delete the website! When you add a new user, start from the role with the least capabilities and move down. Figure out what they really need access to and stop there.
Defining WordPress User Roles
The 5 important roles include Subscriber, Contributor, Author, Editor, and Administrator.
A subscriber is someone who is only able to read posts and adjust their own profile. This role is good for blogs requiring commenters to create an account. The subscriber can edit their email, user display name, and post comments.
- Comment on blog posts
- Update some profile information
- Cannot create or change any content
The contributor role is for a user who needs access to create and manage posts. However, they cannot publish them. This works well when you have a guest blogger or an employee who creates blog content. An admin or editor will have the ability to look over the post before it is published to make sure everything is correct.
- Create blog posts
- Edit and delete their own posts prior to publication
- Cannot publish posts or pages, or upload files
An author can do all the things a contributor can do, but is also able to publish their own posts and manage them after. This is great for someone who doesn’t need oversight before publication.
- Create, edit, and publish blog posts
- Upload files (like images or PDFs)
- Cannot edit or delete anyone else’s posts or pages
An editor has the ability to oversee and manage everyone’s posts. They can also create and manage pages on the website and delete other’s posts or pages. Because an editor has power over all website written content, this user type should be reserved for people you trust.
- Create, edit, publish, and delete pages and posts
- Moderate and delete comments
- Manage categories and links
- Cannot access settings, themes, or plugins
An administrator can do anything necessary to run a WordPress website. This user role should be assigned only when completely necessary. The admin can adjust settings that can impact how the website looks and functions.
- Install, activate, and delete themes and plugins
- Manage and delete users
- Control and adjust website settings
- Update WordPress, themes, and plugins
Choosing WordPress User Roles Wisely
The important thing to remember, each role going down gives greater access to controls on the website. Assign user roles with just enough capabilities for a person to perform their necessary tasks. Limit greater user roles to people you trust to handle things correctly.
We help our clients make user role decisions when they’re unsure what to choose. This helps give them peace of mind. If you’re unsure which user roles to assign, just remember to start at the top!