Beginner’s Guide to WordPress User Roles and Permissions

T24HM content is free. When you purchase via referral links on our site, we earn a commission. Learn More
wordpress user roles

Project Cool content is free. When you purchase via referral links on our site, we earn a commission. Learn More

Josh featured profile image

I hope you *enjoy* reading this blog post.

If you want my team to help you grow your business, get in touch.

add new wp user roles

WordPress is designed for work as an individual or a team, so there are a variety of WordPress roles that define what particular users can and cannot do on your website. Having a clear understanding of WordPress roles and permissions are valuable as your site continues to grow. 

In this beginner’s guide to WordPress user roles, we’ll discuss each different user roles and permissions in five distinct sections. 

When you install WordPress, you’ll have 5 default WP user roles: 

  1. Administrator 
  2. Editor
  3. Author
  4. Contributor 
  5. Subscriber 

In each section, we will discuss what the user roles are and what WP permissions each role has. 

1. WP User Role: Administrator

The first of the WordPress roles we will explore is the administrator. As you may imagine, the administrator is the most powerful of all WordPress roles. When a user has the administrator role, they are able to add new posts, edit existing posts by any user on the site, as well as delete those posts. 

In addition to complete control over WordPress content, administrator WordPress roles can install, edit, and delete both plugins and themes, including WordPress payment gateways.

WordPress administrators can also duplicate WordPress pages and posts.  

Perhaps the most important permission that the administrator has is the ability to add new users to the site. They can also change information about the existing users as well as their passwords. Any user can be deleted by an administrator— even other administrators! 

The administrator WordPress roles are typically held by site owners only so that you can have full and complete control over your WordPress site. As an administrator, you should be very careful what users you assign WP user roles and WordPress permissions, especially if they are for an administrator role. It may be tempting to give more WordPress permissions to users when you work on a multi-user team, but be very careful. 

It’s even been discussed whether or not you should give out your admin WordPress roles to plugin developers and other people on your team who work to enhance the site; keep in mind that if you give out admin WordPress permissions to any user, they can completely sabotage your website. 

It’s a good idea to keep your admin WP user roles reserved only for the site owner (yourself) and any other site owners that may exist. 

2. WP User Role: Editor

The second of the WordPress roles that we’ll discuss is the editor role. As per the name, the editor role is going to have complete control over your WordPress content especially for editing purposes. 

The WordPress permissions allotted to the editor role is the ability to write, edit, publish, and delete any post on your WordPress site, which includes posts that were written by other authors. 

In addition to post editing, editors will have the ability to edit, moderate, and delete comments on the posts. 

The WordPress permissions that your editor WordPress roles will not have include making changes to site settings, plugin installation, theme installation, or new user addition— these tasks will need to be done by an administrator. 

3. WP User Role: Author

The third of the WordPress roles available to you is the author role. This role, as the name would suggest, is for WordPress permissions including writing, editing, and publishing posts. Authors can also delete their own posts, both published and draft posts. 

Authors are able to categorize their posts into existing categories, but they will not be able to create new categories. They can, however, add tags to their posts. 

Author WordPress roles can view comments including those that are pending review; they won’t be able to moderate, approve, or delete any comments on posts, even if they are on their own post. 

The WordPress permissions that are not provided to the author are the access to settings, plugins, or themes, making it a generally low-risk role. The only WP permissions that may be undesirable for an author is that they can delete their posts after they’ve been published on the site. 

4. WP User Role: Contributor

The fourth of the WordPress roles that you can utilize is the contributor role. Contributor WordPress user roles can add new posts and edit their own posts, so their access is very limited. 

Contributors cannot publish any posts— not even ones that they’ve written. They also can’t create categories, so they must choose from pre-existing categories. Contributor WordPress roles can, however, add tags to their posts. 

Another big downside to the contributor role is that they aren’t able to add any files, meaning that someone else will be responsible for adding images and media to their articles. 

Contributors are able to view comments, including those pending approval, but they can’t approve or delete comments on their own accord. 

WordPress permissions not afforded to contributor WordPress roles include access to settings, plugins, or themes, so none of your site settings will ever be changed by a contributor. 

5. WP User Role: Subscriber

The final of the WordPress roles available to you is the subscriber role. Subscribers will have a user profile and they are given WordPress permissions to sign into your WordPress site and adjust their profile, including password change. 

This WP user role is most often used for sites that require their viewers to log in before reading content or leaving comments on the site. 

The WP permissions the subscriber does not have includes writing posts, viewing comments, and pretty much everything else in your WordPress site settings and admin area. It’s the most limited of all the WordPress roles. 

WP User Role: Super Admin

In addition to the five normal WordPress roles, there is a bonus role that exists on the WordPress Multisite Network: the super admin role. 

A user with this role will have WordPress permissions allowing them to add and delete sites on the multisite network. 

They also, in essence, have all of the normal admin WP permissions for the entire multisite network— installing plugins and themes, adding users, in addition to performing WordPress multisite network-wide actions. 

Customizing Existing User Roles

publishpress capabilities

The five basic WordPress roles are in place to suit the needs of most websites. They are the most common roles needed by website owners and businesses; for instance, if you run a blog site, you can assign your team the WordPress roles of editors, authors, or contributors depending on the level at which they work with your endeavor. 

You may have a senior staff member that works as an editor, while many of those writing posts for you need to be approved and they are thus given the contributor WP user roles, and so on. 

Is it possible, though, to modify the WordPress permissions of existing user roles? 

We discussed a few downsides of the roles; particularly the idea that the author can delete their own posts even after it's been published. If this happens, it can cause a huge snag in your entire workflow and content strategy.

Even worse still, if you paid an author for content and they decide to delete everything before they part ways with your endeavor, you may lose out on a big investment. 

For these reasons, you may seek to edit the author WordPress user roles to eliminate the permission for post-publishing post deletion.  

The first step in adjusting existing WordPress user roles is to install and run the PublishPress Capabilities plugin. After you activate it, navigate to Users > Capabilities, where you can then modify any WP user roles. 

Then, in the top right box that reads Select Role to View / Edit, choose the user role you want to edit and click Load. You’ll then see all of the WP permissions in the left boxes. 

delete published author permission

You can then select and deselect any of the permissions you want to add or remove. For the author role, you’ll deselect the Delete Published capability. After you finish making adjustments, scroll down and click the Save Changes button. 

Creating Your Own Custom User Roles in WordPress

What about if you want to create your own WordPress roles aside from those 5 defaults available to you? 

Using the Capability Manager Enhanced Plugin, you can do that as well. Navigate to the same page, Users > Capabilities, and find the Create New Role box on the right side. Enter the user role name in that box. 

create new role publishpress capabilities

You can then choose your desired capabilities by selecting them in the boxes on the left. Then, Save Changes at the bottom of the page and you’ll have an addition to your WordPress roles. 

We hope you now have a clear understanding of the different WordPress roles and how you can use them effectively on your site. What other questions do you have about WordPress permissions or user roles?

Let us know in the comments!  

By the way, another thing that you need to know is how to change permalinks in WordPress. It matters for rankings, traffic, and a good user experience.

By notme

10 Guides


Share on facebook
Share on twitter

By notme

10 Guides


Share on facebook
Share on twitter
Share on facebook
Share on twitter

Related Reads: