Trusted WordPress tutorials, when you need them most.
Beginner’s Guide to WordPress
25 Million+
Websites using our plugins
Years of WordPress experience
WordPress tutorials
by experts

Beginner’s Guide to WordPress User Roles and Permissions

Editorial Note: We earn a commission from partner links on WPBeginner. Commissions do not affect our editors' opinions or evaluations. Learn more about Editorial Process.

Do you want to understand WordPress user roles and permissions better?

WordPress has a user role management system defining what a user can and can’t do on your website. Knowing these user roles and permissions is essential as your WordPress site grows.

In this guide, we will go in-depth into WordPress user roles and permissions so you can better manage your site.

Beginner's guide to WordPress user roles and permissions

What Are WordPress User Roles and Permissions?

Using WordPress user roles and permissions correctly gives you complete control over your WordPress website and can help improve your website security.

WordPress allows you to add multiple users to your website. You can also open user registration on your website so that other users can sign up.

When adding a new user to your website, you can choose a user role for them. You can also set a default user role for your site, which will be automatically assigned to new users who sign up for an account.

A user role comprises specific capabilities, or permissions, that spell out the actions a user can take on your website.

There are five default user roles available in WordPress by default:

  1. Administrator
  2. Editor
  3. Author
  4. Contributor
  5. Subscriber

You can see a complete visual comparison between each user role by viewing the infographic below:

View the WordPress user roles infographic

Alternatively, you can read the summary of each user role and their capabilities and permissions below.

1. Administrator Role

On a regular WordPress website, the administrator role is the most powerful user role. Users with the administrator role can add new posts, edit posts by any users, and delete those posts.

Plus, they can install, edit, and delete plugins and themes.

Most importantly, admin users can add and delete users and change information about existing users, including their passwords.

This role is basically reserved for site owners and gives you full control of your WordPress blog. If you are running a multi-user WordPress site, then you need to be very careful who you assign an administrator user role.

2. Editor Role

Users with the editor role in WordPress have complete control over the content sections of your website.

They can add, edit, publish, and delete any posts on the site, including the ones written by others. An editor can moderate, edit, and delete comments as well.

Editors cannot change your site settings, install plugins and themes, or add new users.

3. Author Role

Users with the author role can write, edit, and publish their own posts. They can also delete their own posts, even if they are already published.

When writing posts, authors cannot create new categories, but they can choose from existing ones. They can also add tags to their posts.

Authors can view comments, even those that are pending review, but they cannot moderate, approve, or delete any comments.

They do not have access to site settings, plugins, or themes, so it is a relatively low-risk user role. The only exception is the ability to delete their own published posts.

4. Contributor Role

Users with the contributor role can add new posts and edit their own posts, but they cannot publish any posts.

When writing posts, they can choose from existing categories and create their own tags.

The biggest disadvantage of the contributor role is they cannot upload files, so they can’t add images to their posts.

Contributors can also view all website comments, but they cannot approve or delete comments.

Finally, they don’t have access to website settings, plugins, or themes, so they cannot change any settings on your site.

5. Subscriber Role

Users with the subscriber role can log in to your WordPress site, update their user profiles, and change their passwords.

They can’t write posts, view comments, or do anything else inside your WordPress admin area.

This user role is particularly useful if you have a membership site, online store, or another site where users can register and log in.

If you want to create a custom login experience for your visitors, then see our guide on how to add a front-end login page and widgets in WordPress.

Bonus: Super Admin Role

This user role is only available on a WordPress multisite network.

Users with the super admin user role can add and delete sites on a multisite network. They can also install plugins and themes, add users, and perform network-wide actions on a WordPress multi-site setup.

Think of it like having admin access to every site in the network.

How to Customize Existing User Roles and Permissions in WordPress

The default WordPress user roles have capabilities that will work for most WordPress websites and blogs.

For example, if you run a magazine website, then the ‘Editor’ role can be assigned to senior staff, the ‘Author’ user role can be for junior writers, and the ‘Contributor’ role can be for guest writers.

But sometimes, you might want to customize the permissions and capabilities assigned to the role for the specific needs of your website.

Like the default author role that lets users publish their posts and also gives them the ability to delete their published posts. In this case, you may want to remove the capability that lets authors delete their posts.

There are some plugins that add specific roles to your website, such as a comment moderator user role plugin.

But if you want to customize your WordPress user roles, the easiest way is by using the Members plugin. It lets you simply create, manage, and change user roles across your website.

The first thing you need to do is activate and install the plugin. For more details, see our step-by-step guide on how to install a WordPress plugin.

Upon activation, you will have a new menu item called ‘Members’ in your WordPress admin panel.

You need to go to Members » Roles and click on the user role you want to edit.

In this example, we will be editing the ‘Author’ role, but you can choose the best role for your needs.

Select user role to edit

This brings you to a screen where you can fully customize the capabilities for that role.

To remove a capability for the role, simply check the ‘Deny’ box. If you want to add a new capability, check the ‘Grant’ box.

Here, we will check the ‘Deny’ box for the Delete Posts user capability.

Edit user role capabilities

If you don’t check a box for an available role, that user won’t have that capability.

Once you have finished customizing your role, click the ‘Update’ button.

The changes you make will automatically apply to all existing users with that role, and all new users the role is assigned to.

How to Create Custom User Roles in WordPress

Another thing you can do is create completely custom user roles in WordPress with unique sets of capabilities.

To do this, you be using the same plugin as above.

Simply navigate to Members » Add New Role, and give your new role a name.

For instance, you can create a developer role that you can give to a WordPress developer with specific permissions granted.

The left-hand column has different sections that have lists of available capabilities. We will select the ‘Appearance’ tab and then add capabilities to edit, install, and update themes.

Create new user role

After that, click the ‘Add Role’ button to save the user role.

Next, you can create a new user and assign them the new user role.

To do this, go to Users » Add New and fill in your new user information.

Add new user role

At the bottom of the screen, you will see a ‘User Roles’ section.

Simply check the boxes for the user roles you want to assign to the new user and then click the ‘Add New User’ button.

Assign new user role

Now, you have created a new custom WordPress user role and assigned it to a new user.

For more details, see our guide on how to add new users and authors to WordPress.

If you want to create a WordPress user role that’s only for moderating comments, then see our guide on how to allow blog users to moderate comments in WordPress.

We hope this article helped you understand user roles and permissions. You may also want to see our guide on how to register a domain name and our expert picks for the best free website hosting.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

Disclosure: Our content is reader-supported. This means if you click on some of our links, then we may earn a commission. See how WPBeginner is funded, why it matters, and how you can support us. Here's our editorial process.

Editorial Staff

Editorial Staff at WPBeginner is a team of WordPress experts led by Syed Balkhi with over 16 years of experience in WordPress, Web Hosting, eCommerce, SEO, and Marketing. Started in 2009, WPBeginner is now the largest free WordPress resource site in the industry and is often referred to as the Wikipedia for WordPress.

The Ultimate WordPress Toolkit

Get FREE access to our toolkit - a collection of WordPress related products and resources that every professional should have!

Reader Interactions

99 CommentsLeave a Reply

  1. Syed Balkhi says

    Hey WPBeginner readers,
    Did you know you can win exciting prizes by commenting on WPBeginner?
    Every month, our top blog commenters will win HUGE rewards, including premium WordPress plugin licenses and cash prizes.
    You can get more details about the contest from here.
    Start sharing your thoughts below to stand a chance to win!

  2. Mrteesurez says

    This is a detail article that nailed out all what user roles entail and give best practices to assign each to specific users.
    My question:
    By default, Does a contributor role can see an admin bar ?
    I know of athour role.

    • WPBeginner Support says

      Unless you disable it for the user role, all user roles would see the admin bar when logged in.


  3. Jiří Vaněk says

    I need to add a user to the website who will only have specific rights to what he can do on the website and what he must not have access to. Thank you for the instructions on how to create exactly such a user in WordPress. It saved me a lot of time looking for instructions on how to achieve this.

  4. Waqar says

    Your blog is really awesome, especially when ever I need to learn something about WordPress in deep dive.

  5. Jen says

    Hi WPB, how many “admin” roles can a website have? On my site, the original admin has full rights. But new admin usernames don’t. Is that normal?

    • WPBeginner Support says

      You can have as many admin users as you like on a WordPress site, if you do not have the default admin privileges then either a plugin may have modified the privileges as the most common reason.


  6. Sam says

    Hi – I’m wondering if I can set a default for subscribers that doesn’t allow them access to the dashboard. I have subscribers through a free online course. I want to automatically eliminate the dashboard access so I don’t have to manually uncheck the box “Show Toolbar when viewing site ” Is there a way to do that?

Leave A Reply

Thanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.