For many people, the standard Administrator account is all they will ever use, or need on their WordPress website, but what if you need to give someone else access to your WordPress "admin" area?
WordPress has a default set of roles, and each of those has a different set of permissions - we'll go over each role in a little bit of detail to ensure you know exactly what you're giving access to, and so that you can choose the right role for the requirements.
As you can see, there are 5 basic roles as standard, with a 6th coming into play if you're using the WordPress Multisite feature. Let's take a look at what each of the roles can do, and when they should be used.
This is the most important role on any WordPress website. It gives full access to EVERYTHING so please assign your administrator roles with extreme caution!
The Administrator can add, edit and remove posts and pages created by themselves, and any other users.
Administrators can also add, edit, and remove themes and plugins, as well as add new users with any role, and delete any other user, even other administrators - for this reason, it's recommended that you only give administrator access to very well trusted people, or better yet, only have one single administrator - you!
The editor role is, as the name suggests, someone who oversees the posts of others. Anyone with an editor role can edit, publish, and delete posts that they create, and posts created by other users.
Editors are also able to moderate plugins and manage categories, and permalinks on posts/pages.
They can't, however, add themes, or plugins, or make changes to them, so that's a step down from the administrator role.
The purpose of the administrator role is to manage the roles below and that will become clearer when you understand the Author and Contributor roles.
This role is exactly as you would imagine - it's sole purpose is to create posts (they also have the ability to add media, so they can also create media rich posts)
The Author is able to create, edit, and delete their own posts, however they can't edit or delete posts created by any other users.
If you have a content write, the Author role is likely the best role for them, it allows them to create and publish content but doesn't give them too much in the way of permissions, so they can't break anything!
The contributor role is a watered-down version of the author role. Contributors have very little permissions, they can create posts of their own, they can also edit and delete their own posts, however, they can NOT publish them, nor can they add media.
When a Contributor adds a new post it will not be published unless an Administrator or an Editor approves the post and publishes it.
This role is best used if you're trying out a new content creator or using someone for one-time tasks, it lets you review the post and approve it (or delete it!) before it's made public on your website for your readers to see.
This role is rarely used on any website that doesn't have a subscription based model (e.g a site that must have an account before you can access content).
In terms of abilities, the Subscriber can't do anything apart from manage their own account, and read posts on the website. If you'd like to require people to have an account before they can read posts, this is the role for them, and this should always be set as your default role when a user signs up.
This role isn't available on a standard WordPress install, and is reserved solely for use on WordPress Multisite installs.
The Super admin role is actually a step up from the standard Administrator - on a Multisite install, the Administrator account won't be able to add new plugins or themes, they will need the Super Admin to do this for them - they will then be able to activate or deactivate those plugins on the sites that they administer.
The default WordPress roles are extensive, however, if you need more roles or would like to control what each role can do more closely, you can use a plugin such as the User Role Editor Plugin.
Look out for more on adding and managing existing roles in a future post.
For most websites, you should ensure you are the only administrator, unless you have someone you trust that requires full access to everything, and I mean everything. The Editor role should be someone you trust to oversee your contributors and Authors who's role should be to create your site content.
Subscribers can't do anything apart from read posts on your website, and should be your default user roles, and finally, the Super Admin is something you will only see on a multisite install.