Bitcatcha's content is reader-supported. When you purchase through links on our site, we may earn an affiliate commission. Learn more

WordPress User Roles And Permissions: A Beginner’s Guide

June 17, 2024


So you’ve already picked a great web host and started creating your WordPress website – super! As your company begins to expand, so will your team and those who require access to your WordPress website.


If you’re not familiar with user roles and permissions on WordPress, things can get kinda messy. Fear not! That’s why we’re here. This article will break down the basics you need to know.



What Are The Different WordPress Roles And Permissions?


Let’s first understand what WordPress roles and permissions are.


WordPress user roles are essentially a collection of access privileges. These users are assigned to different groups by the site owner based on the duties they will carry out on the website.


This is where permissions come in. Permissions are the privileges that the user roles have. The users’ access to and ability to perform certain actions within the WordPress dashboard are controlled by these permissions.


Simply put, WordPress user roles and permissions enable website owners to regulate what particular users are allowed to do on their platforms.


Now, before we get into the different WordPress roles and permissions, you may want to consider getting a managed WordPress hosting platform. If you want results but lack the time or expertise to handle behind-the-scenes management for your WordPress website, then signing up will be very helpful for you and your business.


So, without further ado, let’s dive into the 6 different WordPress roles.


1. WordPress super administrator


WordPress Super Admin

Super Admin can usually be found on multisite networks. (Credit: PublishPress)


The highest-level user on a WordPress site is the Super Admin. They are typically only present on WordPress installations with multiple sites and have complete control over all features and settings within the Multisite network.


Users with this role can manage everything on the website, including adding and removing users, installing and activating plugins, managing themes, and more. On top of this, they also have the ability to add and remove other Administrators, make new sites, and manage the content on each site.



2. WordPress administrator


WordPress Administrator role

The administrator role can pretty much control everything on the website.


For non Multisite installations, the administrator is the most powerful user, and has the key to unlocking every door on your website. Anyone with this role has total control over the WordPress dashboard. They have the freedom to change parts of your website whenever they want and can add new pages, posts, plugins, and themes.


Basically, every setting is available to the administrator role. They also have the ability to control other users and modify their information, roles, and passwords.



3. WordPress editor


WordPress Editor role

The editor role has a lot of permissions but not as much as the admin role.


An editor, as the title of this user role suggests, is typically in charge of managing content. That’s why they have high-level access and have the ability to edit, publish, create, and delete both pages and posts, including those written by other users. They also have the ability to manage links and categories and also moderate comments.


While they have a lot of access, editors can only do so much. For instance, they are unable to make site-wide adjustments like installing updates or adding plugins and themes. Instead, they are in charge of evaluating the authors’ and contributors’ work.



4. WordPress author


WordPress Author role

Despite having fewer permissions, authors still play an important role.


Compared to editors, authors have fewer permissions. For instance, they are unable to edit pages or change user-generated content, and also have no administrative abilities of any kind.


They are, however, able to write, modify, remove, and publish their own posts (and upload media files). This pretty much says everything about their position: an author’s only responsibility is to produce content.



5. WordPress contributor


WordPress Contributor role

The contributor role is like a “junior” version of the author role.


A simplified version of the author role is what the contributor role basically is.


A contributor can only perform three functions:


  1. Read all posts
  2. Delete posts
  3. Edit their own posts


Because it does not allow users to upload media files or publish posts, this role is quite limited. But, it is best suited for first-time and inexperienced content creators.



6. WordPress subscriber


WordPress Subscriber role

People don’t really find the need to have this role unless you have a subscription-based website.


Subscribers typically have a WordPress dashboard that is incredibly minimal and only has one primary function. All they can pretty much do is manage their own profiles and read every post on the website.


Most sites won’t use this feature because technically anyone can read posts without being given a role by default. But, when you want to restrict access to content for specific individuals on subscription-based websites, it is very useful.



How To Manage User Roles On WordPress


Now that you understand what each user role can do, let’s look at how to manage them. We’ll dive into how you can add, update, and delete user roles.


1. How to add new user roles


When you want to add a new user, you first need to have the Admin role. After that, the process of adding user roles in WordPress is fairly simple from there on.


This is where you’ll initially assign permissions for different roles. But, of course, if changing the user’s role later better suits your needs, you can always do so as the Administrator. We’ll talk more about that in a moment.


So, let’s take a look at the step-by-step guide on how to add user roles:


  1. Go to your WordPress Dashboard.
  2. Click “Add New” under the Users menu item in the WordPress Admin dashboard.

    add new wordpress user

    Add a new user through the Users tab.
  3. When you’re there, enter the required user details.

    fill in required fields

    Fill in all the fields that are required.
  4. After filling in the required fields, tick the box beside “send the new user an email about their account” if you want the user to be notified about the account.
  5. Now you have to choose a user role. The “Subscriber” role is set as the default user role so make sure to change it to fit your needs.

    choose WordPress user role

    Different roles have different permissions so choose the right one you need.
  6. Once you’re happy with all the information you’ve listed, you can click on “Add New User” to add the new user role.


If you want to add more users, simply repeat these steps again!



Want to change your WordPress username? Don’t worry, read our guide on how to change WordPress username.


2. How to update user roles


A WordPress user’s role can be changed instantly, and they will receive an email informing them of their new role on your website.


Here’s how to do it:


  1. Go to the Users menu of your WordPress dashboard.
  2. Then, hover over the name of the user that you want to update and click on “Edit”.

    edit user in wrodpress

    Click on “Edit” to edit the user role
  3. You can edit fields like their name, email address, and user role after clicking the edit button. However, you cannot change your username here.

    edit and update everything except username

    You can change everything but the username of the selected user.
  4. Once you’re happy with your changes, you can click on Update User at the bottom-hand side of the screen.

    clickon update to change the user role

    Scroll down to the very bottom of the screen settings to find “Update User”.


When you save the changes, WordPress immediately applies the new roles and permissions.


3. How to delete user roles


There can be instances where a user needs to be completely removed from your website.


For example, maybe you employed a temporary freelance editor to work on your website for a period of two months. So when the two-month period ends and the contract expires, you might want to remove his access from your website.


Follow the steps below to delete a user role:


  1. Go to the Users menu of your WordPress dashboard.
  2. Hover over the user that you want to delete from your WordPress website. Then, simply click “Delete”.

    click Delete to remove account

    “Delete” will be displayed in red text.
  3. After that, a prompt will be displayed to confirm that you want to proceed with it.

    click on Confirm Deletion

    Before clicking on “Confirm Deletion”, make sure you’re sure about your decision.
  4. Just click on “Confirm Deletion” and the user will be deleted from your website.


Users who you removed access from your website will be notified through their email and they’ll no longer possess any login information on your site.



Applying The Right User Roles And Permissions For Your Website


Knowing how to use the different user roles effectively is just as crucial as understanding them and how they work.


With that said, every site works differently, but you can follow some of our general advice for using this simple yet amazing feature:


  • Give only the level of access that each user needs
    This is mostly for your security – so that nobody can delete content by accident or make unauthorized changes.
  • Limit the number of top-level user roles
    Having a single administrator and a small group of dependable editors is a good general rule of thumb. For instance, regular content creators who have demonstrated their abilities can be given the Author role, while new or occasional writers can be simply given the Contributor role. You don’t have to give all of them the Administrator role.
  • Consider using plugins for user roles
    Even though the built-in system works well, you might want to add a plugin to make it more functional. With the help of user role plugins, you can modify and create new roles that are specifically tailored to you. The User Role Editor is a good place to start.


And, always keep in mind that when in doubt, it’s better to grant very few permissions than too many.



Manage WordPress User Roles the Right Way


Understanding the various capabilities attached to each role is important if you want to properly manage WordPress user permission and roles. This will ensure that your website remains safe and functions properly by having the right settings in place.


With this knowledge, you can better manage your website and make certain that users have access to the right level of content and features.


Follow Bitcatcha to stay updated with more tech-related tips!