What are WordPress User Roles & Permissions? How to Manage Them?

Last Updated: 12 mins By: ThemeGrill Author

If you’re running or plan to run a WordPress website, it’s important to understand WordPress user roles and permissions.

In simple terms, user roles in WordPress are simply permissions for users to perform specific tasks. A person with a certain user role can only exercise authority specified by that role.  

WordPress provides 6 default user roles for admins to manage WordPress users. In this article, we’re going to learn about all the WordPress user roles in detail. We’ll also discuss how to add new users and manage them in WordPress easily. 

So, let’s get started.

A. What are WordPress User Roles and Permissions? 

WordPress user roles are a group of users with specific privileges in WordPress. As the owner, you can assign user roles to the users of your WordPress site. This action will result in limiting their access to certain parts of your website’s dashboard.  

The user roles exist to keep your website clean and secure. If not, every user in your dashboard could access everything, and one could easily compromise your website’s security. 

So, WordPress user roles or WordPress user permissions simply allow a website owner to limit what a specific user can or cannot do. 

B. Default WordPress User Roles and Permissions 

WordPress comes with six different user roles and permissions, with their respective privileges. Out of those six WordPress user roles, five are the most common ones and exist within a single site.

The roles include: 

1. Administrator 

Administrators have the highest authority, second only to Super Admins. They have complete access to any corner of the dashboard.  

Besides that, administrators can: 

  • Manage themes and plugins 
  • Add new users or remove existing ones 
  • Change the user role of website’s users 
  • Moderate comments 
  • Create, publish and manage content 

A website sees the least number of admins to preserve the website’s security. So, if you have too many admins on your website, Security Alert! 

2. Editor 

Editors are responsible for managing all the content on your website. So, they can: 

  • Create and publish content on the website
  • View and delete posts even if they’re published 
  • Moderate, edit and delete comments 
  • Manage tags, categories, links 
  • Manage media files like images 

Compared to administrators, the number of editors is bigger. And, the privileges of editors are limited since they can’t install a theme or a plugin or manage them on the website. 

3. Author 

Authors have similar privileges as editors but are somewhat limited. Like editors, authors can: 

  • Create and publish posts  
  • View, edit, and delete their posts 
  • Manage media files like images 
  • View comments 

But unlike editors, authors cannot manage someone else’s posts. They also can’t approve comments.  

4. Contributors 

Contributor is a WordPress user role with very little access to the site’s dashboard. They can create, edit, manage and delete their posts. 

However, they can’t publish their content like the authors. Moreover, they also don’t have access to managing themes, plugins, and comments. 

5. Subscribers 

A subscriber is someone with the least privileges. Out of all the WordPress user roles, subscribers are the ones who don’t have access to the website’s dashboard.  

So, subscribers can’t create or edit content. What they can do is view the website’s content, comment on them, manage their profiles. And, most of the time, access the pages that regular visitors can’t. 

6. Super Admin 

Remember admins who had access to all parts of a website? Well, imagine that but for multiple sites. A super admin can make changes that span a network of websites. Their privileges include: 

  • Add websites to the network 
  • Remove a website from the network 
  • Install, manage and remove plugins 
  • Manage admin privileges 

Thus, super admins have more access than admins, but they generally oversee the network of websites and leave managing a single website to admins. 

Well, that was about it for introducing WordPress user roles and permissions.

Now, if you’re an admin of your site, you’ll have to manage all the user roles and users. And in this next section, we’ll show you how to do that. 

C. How to Add a New User to Your WordPress Website? 

There’s more than one way to add users to your WordPress website. And we’ll discuss both of them.

Without further delay, let’s jump into it. 

1. Using WordPress Dashboard 

You can add users to the website directly from the WordPress dashboard in just a few steps. This method works best if you’re adding just a few users to your site.  

To add users from the dashboard, first, log in to your WordPress dashboard. 

WordPress dashboard

Then, go to Users >> Add New

Users to Add New

There, fill up the fields that ask for a username, email, name, etc. As for the password, WordPress generates a strong password by default. But you can also input the password that you see fit. 

Fill New User Details

And by ticking the Send User Notification option, you agree to send the user an email about their account.  

The next step is to choose the role from the dropdown. Note that the user role Super Admin is only available in multisite networks. So, single websites have only five default user roles as options for your WordPress users.

Radio Button to Choose Role

Finally, click on the Add New User button to complete the process.  

To see your users, you can head over to Users >> All Users

Users to All Users

This place is where you manage all your users. But more on that later. 

All Users Page

Pat yourself in the back. You did that smoothly and efficiently. 

2. Using User Registration Plugin 

Did you know that you can add users from the front-end of your website as well? This is possible by letting your visitors register themselves as users through front-end registration forms. Doing this is a good idea if you want to add many users, like subscribers. 

There are many plugins to do this, but the one we recommend is the User Registration plugin by WPEverest. It’s a free WordPress registration form plugin that comes with a user-friendly drag and drop form builder. So, creating custom registration forms is easier and quicker than you can imagine.

User Registration Plugin

Some major features of the user registration plugin include: 

  • Clean and smooth user interface 
  • Enable strong password option
  • Extra custom fields 
  • Google reCaptcha support 
  • Email customizers and editable notifications 
  • Integration with email marketing services and payment gateways

Not to mention, all the awesome features you get in the premium version. For example, you can use its WooCommerce add-on to place shipping and billing addresses on your registration form.

We could go on. But we hope you get the gist. Without further delay, let’s explore how you can add users using the plugin easily. 

i. Installing the User Registration Plugin 

Now to install the plugin, first, go to Plugins >> Add New. 

Plugins to Add New Step

In the search bar, type User Registration WPEverest. When the plugin shows up, click on the Install Now button on its panel.  

Install User Registration

Once you do that, click on the Activate button that’ll appear on the same spot.  

Activate User Registration

When the plugin is activated, User Registration will redirect you to the plugins list. There, you’ll see a welcome text with a button to install the User Registration pages: My Account and Registration.

That’s right. You don’t even have to create the pages. Save yourself some time and click on Install User Registration Pages

Install User Registration Pages

And with that, the registration and user profile page have already been created for your website. 

ii. Customizing User Registration Pages 

If you’d like to customize the user registration form, you can do so by going to the User Registration tab on your dashboard.  

User Registration Tab on Dashboard

There, hover over the name of the form you’d like to edit. By default, you’ll have one registration form named Default Form. Under that form, you’ll see the Edit option. Click on it.  

Edit Default Form

Or if you want to create a new registration form from scratch and then edit it, you can do so by going to User Registration >> Add New in your dashboard.  

User Registration to Add New

Doing either of these will take you to the form editor window. This window is where you customize your form.  

User Registration Form Editor Window

The interface is fluid and intuitive, so you shouldn’t have any problem creating the form you want. You can also change the field options to make your form feel more interactive.  

If you want to know more about creating a user registration page in detail, check out our article on how to create a WordPress user registration form

iii. Form Settings 

Once you’ve finished customizing the fields and the options, now comes the form settings. Simply click on the Form Setting tab to access it.  

Form Settings Tab

Surf through the options and decide on the behavior of your form and your users.  

The user login option lets you decide whether you want users to log in automatically or manually after registration. 

User Login Option UR

Use the Default User Role option to decide the role of your users when they register using this form. By default, Everest Forms has set it to Subscriber.  

Default User Role UR

And don’t forget to check the Enable Strong Password option. This option is for the security of your site and users. 

Enable Strong Password UR

The Redirect URL option handles which page your users go to when the registration is successful. 

Make use of the Form Submit Button Custom Class and Form Submit Button Label to change the text and style of the submit button. 

Redirect and Form Submission UR

Further, you can use the Success message position button to decide where the success message appears after a successful registration.  

Success Message Position UR

Also, check the Enable reCaptcha Support button to prevent bots from registering.  

Enable Captcha Support UR

And last but not least, you can use Form Template and Custom CSS class options to change the look of your form.  

Form Templates User Registration

After you change the form settings, click on the Update Form button on the top right corner to save your changes. 

Update Form User Registration

And that’s about it when it comes to changing your form settings. You don’t need to change everything. Since the default form looks terrific on its own, you can focus on important options like Default User Role, Strong Password, reCaptcha.

iv. Anyone Can Register 

We do have one important thing to do before we can let users register. That is letting WordPress know that we’re allowing users to register.  

So, go to Settings >> General from your dashboard. 

Settings to General

You’ll see an option called Membership. Just tick the checkbox for Anyone can register.

Turn Membership Option On

Scroll down and click on Save Changes to finalize your decision.  

There! Now, anyone will be able to register to your site using your registration form.  They’ll automatically be assigned the default user role you’ve set in the registration form.

D. How to Change User Roles of Existing Users? 

If you ever think a user deserves a different role, you can make that happen in just a few clicks.  

First, go to Users >> All Users using your dashboard.  

Users to All Users

You can see the list of all your users here. To change someone’s role, tick the checkbox of the user.  

After that, use the Change role to dropdown to pick a role and click Change.  

Change User Role

That’s it! The role of that user has changed.  

If you want to make further changes, like the credentials and information of the user, hover over the name of the user and click on the Edit option that shows up under the name.  

Edit Button on a User

Using this page, you can edit the user info like the user’s public name, email, password, etc. 

User Info Change Window

If you decide to make any changes, don’t forget to click on the Update User button to save your changes.   

Update User Button

E. How to Delete a User from WordPress? 

If you have to delete a user for some reason, here’s how. 

Go to Users >> All Users. Then, hover over the name of the user and click on the Delete option under the name. 

Delete Button on User

Click on the Confirm Deletion button to let WordPress know you’re sure about deleting the user.  

Confirm Deletion Button

And it’s done! The user no longer exists on your website. 

Wrapping it Up 

WordPress user roles are groups of people with specific privileges on a WordPress website. Having a good knowledge of the user roles and permissions while creating a website keeps your website secure.

Adding users is a piece of cake in today’s platforms like WordPress, especially when you have one of the best WordPress plugins like User Registration. So, you don’t have to go through the tedious process of registering every user yourself.  

If interested, you can explore other WordPress user registration and profile plugins as well.

Also, share this article on your social media if you found it helpful. For similar articles, we suggest you go through our blog full of WordPress-related articles.


ThemeGrill Author

We are a team of SEO copywriters and editors who work both individually and in the team. ThemeGrill author is where one of the editors here is working on one project personally. Write to us @themegrill_blog in Twitter.

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top

Pin It on Pinterest