User Roles

Last Updated:

WordPress user roles are designed to give the website owner the ability to control what users can and cannot do within a site. Each role is allowed to perform a set of tasks, or capabilities.

There are six pre-defined user roles in WordPress, but an infinite number of custom roles (with custom capabilities) can be created. The six default roles are:

  • Super Admin (Multisite only)
  • Administrator
  • Editor
  • Author
  • Contributor
  • Subscriber

What is a WordPress User?

Before we can understand user roles, we need a basic understanding of what a WordPress user is.

A WordPress user is simply someone who can log in to your website. Every user in WordPress is made up of the following:

  • a username, email address & password
    • Usernames can be used to log in, and are also used to generate the URL for the user’s author page
    • Email addresses can also be used to log in, and are used for sending password reset emails, as well as occasional notifications
    • Passwords are used for the sole purpose of logging into the site
  • some general biographical information
    • First & last name
    • Nickname
    • Short bio
    • Website
    • Profile picture
  • a user role

What are WordPress User Roles?

A user’s role is what determines the level of access they have to your site. Each role is assigned a list of permissions (called “capabilities”). These capabilities determine the more specific features & functions of a site that a WordPress user has access to.

A typical WordPress site has 5 default user roles. There is a sixth user role called Super Admin, but that is only available in WordPress Multisite. In order from most-to-least access, let’s explain each role in more detail.

Default WordPress User Roles

Administrator

An Administrator has complete access to manage every aspect of your website. When WordPress is installed, the first user that gets created has Administrator access. Because this role is so powerful, you should assign as few Administrators as possible (ideally, only one).

A WordPress Administrator has the following capabilities:

  • Update WordPress core
  • Complete control over themes & plugins, which control both the design & functionality of your site
  • Complete control over user management
  • Manage all of your site’s settings
  • Full access to content, including posts, pages, media, images and any other custom post types
  • Moderate blog comments

Learn more about the WordPress Administrator role »

Editor

An Editor has complete access to manage your site’s content. They cannot access your settings, themes, plugins or users, which means they can’t change the design of your site, or break important functionality.

A WordPress Editor has the following capabilities:

  • Full access to content, including posts, pages, media and images
  • The ability to approve another user’s content that is pending review
  • Moderate blog comments

Learn more about the WordPress Editor role »

Author

An Author has the ability to manage only their own content, but no one else’s. This means an Author cannot approve, edit or delete another user’s content. They also cannot edit static pages (only posts), nor can they moderate comments.

A WordPress Author has the following capabilities:

  • Add, publish, edit and delete their own posts (but not pages)
  • Upload & edit their own images and other media files

Learn more about the WordPress Author role »

Contributor

A Contributor can write new posts, but cannot publish them. They are also denied the ability to upload media files.

A WordPress Contributor has the following capabilities:

  • Add their own posts (but not pages)

Learn more about the WordPress Contributor role »

Subscriber

A Subscriber cannot manage any aspect of your site. By default, once logged in, a Subscriber can only access his or her profile in order to change their password and basic information.

Learn more about the WordPress Subscriber role »

Custom WordPress User Roles

Aside from the default user roles, WordPress allows you to create any number of custom user roles with fine-tuned capabilities. There are several plugins that make it easy to manage user roles, as well as create custom ones, but our recommendation is Justin Tadlock’s Members plugin.

Additional WordPress User Roles

Some WordPress plugins will add additional user roles to your site. These roles will appear on your Users screen, and you’ll have the ability to assign them to your users. A common example of this is WooCommerce, a popular ecommerce plugin for WordPress.

WooCommerce creates the following user roles:

  • Customer – for customers to manage their store account and view past orders
  • Shop Manager – for someone to manage your store’s settings & access reports