A great feature of WordPress are the different user roles, with which rights can be easily assigned and restricted. But which WordPress user roles are there, how do you assign them and which role is suitable for which user? Questions over questions, which we will gladly answer.
The 5 WordPress user roles at a glance
Let's first take a look at the five different standard user roles that can be assigned in WordPress.
The head of the WordPress installation is the administrator. He has access to everything, can create posts, publish, install plugins, delete pages, fiddle around in the editor and of course create, delete or change the rights of other users. If you assign administrator rights to someone, you should trust this person completely.
The editor is so to speak the heir to the WordPress throne, because he is allowed to do quite a lot, but not as much as the administrator. As an editor you can create posts, change (edit) other people's posts and manage categories and tags (keywords) - the ideal role for content managers. You can even add and delete other users; only the administrator is untouchable and cannot be edited by the editor.
The author in WordPress may create articles and publish them completely independently. Likewise, with author rights you can manage the comments in your own articles, i.e. unlock or delete them. You cannot fiddle around with other people's articles. For this you would need the superior editor status.
A user with the user role "Employee" may write contributions, but may not publish or schedule them on his own - for this an editor is needed. An author cannot "unlock" the contributions of a co-worker, since the co-worker can only publish his own contributions.
The subscriber is the lowest user role in WordPress. People with this status can comment posts and manage their own profile - no more, but also no less. If you have checked the box "Everyone can register" in WordPress under Settings → General, the subscriber should be the default user role for security reasons.
Further user roles
There is one more user role: the Super-Admin! He has access to all functions within a WordPress multisite network. With a "normal" WordPress installation this user role does not appear. This is different with user roles such as SEO Manager and SEO Editor, which are added to the default roles after installing plugins like Yoast SEO. Equipped with these rights, one has access to corresponding functions of the plugin to take SEO measures.
Create WordPress users
A new user is quickly created in WordPress. Navigate to the item Add new user → New. Alternatively, you can click on the + in the header of the WordPress dashboard and click on the link "User".
Assign a user name and enter the e-mail address with which the new user will be registered in the future register with WordPress should. If the user is to receive the password via e-mail, the corresponding check mark must be set at "Notify user". Select the user role for the new user from the drop-down menu on the same page.
Change User Role
If an already created user should get an upgrade or downgrade of his access rights, you can also handle this quickly as administrator. To do this, navigate to the menu item User → All Users again and select the respective user. Once you have found it, click on "Edit" under the name. Now you can change the rights under "User Role" and update the user by clicking on "Update User" (at the bottom).
Tip: Plugins for managing rights in WordPress
If the rights of individual user roles are too extensive for you, you can create them with plugins like Adminimize restrict. The user will then only see in the WordPress Dashboard what an administrator allows him to see - regardless of the user role. Such plug-ins not only provide security, but in many cases also make the WordPress backend clearer for individual users.