How to Add Custom User Roles on Your WordPress Site (Plugin+Code)

As your WordPress website grows and evolves, the default user roles provided by WordPress may not fully align with your requirements.

Whether you're running a membership site, an eCommerce platform, or a content-heavy blog, if you have the ability to create custom user roles, it can become a game-changer. You can easily manage user access and permissions effectively.

WordPress has six predefined roles: Super Admin, Administrator, Editor, Author, Contributor, and Subscriber. Each role is allowed to perform a set of tasks called Capabilities. That means capabilities for each type of role are different.

For example, the Subscriber user role has only read capability whereas the Contributor has different capabilities, such as read, delete posts, and edit posts.

In this article, We are going to discuss why a custom user role is necessary and how to add a custom user role. But first, you should be-

Understanding User Roles in a WordPress Site

Before you go and create any custom user roles, you need to know about the default user roles of WordPress. The user roles are-

  • Administrator: The Administrator role has the highest level of access and control over the WordPress site. Administrators can manage all aspects of the site, including installing plugins, creating and editing content, managing user accounts, and modifying site settings. They have full control over the site's functionality and can perform any administrative tasks.
  • Editor: Editors have the ability to create, edit, publish, and delete their own content, as well as content created by other users. They can manage and moderate comments, create categories and perform various editorial tasks. However, editors do not have access to sensitive site settings or the ability to install plugins or themes.
  • Author: Authors can create, edit, publish, and delete their own posts. They have control over their own content and can manage comments on their posts. However, authors cannot modify or delete content created by other users, and they do not have access to plugins or site settings.
  • Contributor: Contributors can write and submit their own posts for review but cannot publish them. Once submitted, their posts must be approved by an editor or administrator before they are published. Contributors cannot modify or delete posts created by other users and have limited access to site settings.
  • Subscriber: Subscribers have the most limited access among the default user roles. They can log in to the site and update their profile information. Subscribers can also leave comments on posts, but they do not have the ability to create or edit content. Subscribers are primarily used for user registration and membership purposes.

Check this article to learn more about WordPress user roles.

Why a Custom User Role is Necessary?

Before we go into how to create a custom user role, we need to understand why it is necessary to create one-

  1. Role-Based Access Control (RBAC)-With RBAC, you can define different user roles based on their responsibilities and permissions.
  2. Fine-Grained Permissions – By creating custom user roles, you can define granular permissions at a more detailed level.
  3. User Segmentation- Custom user roles enable you to segment your user base and provide tailored experiences based on their roles.
  4. Content Moderation – If your application involves user-generated content, a custom user role can be useful for content moderation purposes
  5. Custom Workflows – A custom user role allows you to define custom workflows or business processes within your application.
  6. Different Pricing Tiers or Subscriptions – If your application offers different pricing tiers or subscription plans, custom user roles can help enforce access restrictions based on the user's subscription level.

Now, lets see how you can create custom user role for your WordPress site.

Creating Custom User Roles on Your WordPress Site

An illustration on wordpress user roles explained

Suppose, you want to have a user who can only edit posts and read, but among the six default user roles, you will not find a single one who has only read and edit posts capabilities but more or less. In this case, what’s the solution?

You may add edit posts capability for the subscriber by using add_cap(); function, but this is not a good practice. The best idea is to create a custom user role by assigning them capabilities.

There are two major ways of creating custom user roles in WordPress.

  • Create a custom user role using custom code
  • Create a custom user role using a plugin

We will discuss both approaches in this post. Let’s see how they work.

How to Add, Edit & Delete A New User Role Using a Plugin

You may like to use a plugin instead of adding custom code. To create new user roles you can use Members plugin, it is a very popular user and role management plugin that was created to make WordPress a more powerful CMS.

You can easily install the plugin from your WordPress dashboard. Just go to WP-Admin–>Plugins–> Add New. There type the plugin name and activate the plugin. Now let's see how to add a new role using the Members plugin.

After activating the plugin, you can see all the available roles,

This is a screenshot of the Available user roles

1. Creating a New User Role

  • After installing and activating this plugin navigate to wp-admin → Members → Add New Role
This is a screenshot of the on how Add new user role
  • Now, enter the role title (e.g Comments Moderator)
  • Select the capabilities for this new user role (e.g. moderate comments, read)
  • Click on Add Role button.
This is a screenshot of adding a new user role

2. Assigning the New User Role

In order to assign a new user role, go to WP-Admin–> Users. Choose a user and assign the new role from the drop-down box,

This is a screenshot on how to Assign new role

3. Assigning the New User as Default User Role

Now, go to WP-Admin → Settings → General, and click on New User Default Role dropdown field. You can see and assign the newly created user role listed along with the default user roles.

This is a screenshot of adding a default user

It's very easy, right? Using this handy plugin, we have created a WordPress custom user role and it took only a few steps!

4. Editing a User Role

With this plugin, you can edit an existing user role or the new custom role as well. Just go to WP-Admin–> Members. If you hover over your selected user role, you will find the Edit option.

Note: You can find the delete option as well if you want to remove any user role.

This is a screenshot on how to Edit User role

Now, check or uncheck the capabilities and then click on the Update button.

This is a screenshot of a User role edited

This is how you can edit or delete a user role using the plugin.

dokan multivendor marketplace solution

How to Add, and Delete a User Role Using Custom Code

WordPress is the number one CMS in the world and it is popular for its open-source nature. This means you have the opportunity to customize WordPress the way you want and it's completely FREE. Just like that WordPress gives you the opportunity to create a custom user role by using a function called add_role();

The CMS provides five functions for managing WordPress roles and capabilities:

  • add_role(): For adding a custom role.
  • remove_role(): For removing a custom role.
  • add_cap(): For adding a custom capability to a role.
  • remove_cap(): For removing a custom capability from a role.
  • get_role (): Gets information about the role and its capabilities.

There are three parameters in add_role() function.

add_role( $role, $display_name, $capabilities );

  1. $role (string) (required): Unique name of the role
  2. $display_name (string) (required): The name to be displayed
  3. $capabilities (array) (optional): Capabilities that one can access

Let’s create a new user role named Moderator with read, create and publish posts capabilities. Include the following lines of code toward the end of your functions.php, which is located in your theme folder.

You can add the code by navigating to Appearance–> Theme File Editor.

add_role('moderator', 'Moderator', array(
'read' => true,
'create_posts' => true,
'edit_posts' => true,
'edit_others_posts' => true,
'publish_posts' => true,
'manage_categories' => true,
));

Here's how it looks like-

This is a screenshot of adding a new role using custom code

You will find the new user role in the WP-Admin–> Users section,

This is a screenshot of the New role added using code

Now save the file, log in to your site with an admin account. Navigate to Settings → General. You can see the newly created user role in the user list.

This is a screenshot of a New user role

That’s all, you can assign a user to this role from the WordPress admin panel, also you can set this role as New User Default Role.

Removing a User Role Using Code

In order to remove a user role, just use the remove_role() function.

remove_role( 'subscriber' );
remove_role( 'editor' );
remove_role( 'contributor' );
remove_role( 'author' );

After that, click the update button,

This is a screenshot of the Remove roles using code

You will see that the roles have been removed,

This is a screenshot of the Only user left

This is how you can add and remove roles using custom code.

We hope this tutorial will be very helpful for beginner users. If you have any suggestions or queries, please let us know in the comments.

If you want you can check out this video as well-

FAQ(s) on WordPress Custom User Roles

What is the list of all possible Capabilities per user roles?

1. Super Admin
create_sites
delete_sites
manage_network
manage_sites
manage_network_users
manage_network_plugins
manage_network_themes
manage_network_options
upload_plugins
upload_themes
upgrade_network
setup_network
2. Super Admin + Administrator
activate_plugins (single site or enabled by network setting)
create_users (single site)
delete_plugins (single site)
delete_themes (single site)
delete_users (single site)
edit_files (single site)
edit_plugins (single site)
edit_theme_options
edit_themes (single site)
edit_users (single site)
export
import
3. Super Admin + Administrator
install_plugins (single site)
install_themes (single site)
list_users
manage_options
promote_users
remove_users
switch_themes
update_core (single site)
update_plugins (single site)
update_themes (single site)
edit_dashboard
customize
delete_site
4. Super Admin + Administrator + Editor
moderate_comments
manage_categories
manage_links
edit_others_posts
edit_pages
edit_others_pages
edit_published_pages
publish_pages
delete_pages
delete_others_pages
delete_published_pages
delete_others_posts
delete_private_posts
edit_private_posts
read_private_posts
delete_private_pages
edit_private_pages
read_private_pages
unfiltered_html (single site)
unfiltered_html
5. Super Admin + Administrator + Editor + Author
edit_published_posts
upload_files
publish_posts
delete_published_posts
6. Super Admin + Administrator + Editor + Author + Contributor
edit_posts
delete_posts

Is there a way to control whether an editor has access to only specific categories?

Yes, you can control and set your editors’ capabilities.
There are some plugins in the WordPress repository to manage Editors’ capability or you can fix the editor role from your dashboard by selecting the ‘screen options’ just below the boxes feature.

How to manage user roles and permissions in WordPress?

Here's how you can manage user roles and permissions in WordPress-
1. Understanding User Roles
2. Accessing User Roles and Permissions
3. Assigning User Roles
4. Customizing User Permissions
5. Creating Custom User Roles
6. Testing User Roles.

Is it possible to create different types of Administrators?

Yes, it is possible to create different types of administrators with varying levels of access and permissions. Here's how you can create different types of administrators with specific backend access:
Regular Administrator: This would be the default administrator role with full access to all features and functionalities within the dashboard.
Membership Administrator: To create a Membership Administrator role with backend access limited to the membership plugin, you would need to define a custom user role specifically for this purpose. This custom role would have the necessary permissions and capabilities to manage the membership plugin while restricting access to other areas of the dashboard.
Plugin-Specific Administrator: Similarly, for creating an administrator with backend access to a different plugin but no access to other areas, you would need to define a custom user role for this purpose. The custom role would be granted permissions and capabilities related to the specific plugin, while restrictions are applied to prevent access to other parts of the dashboard.

Is there a way to control whether an editor has access to only specific categories?

Yes, you can control and set your editors’ capabilities.
There are some plugins in the WordPress repository to manage Editors’ capability or you can fix the editor role from your dashboard by selecting the ‘screen options’ just below the boxes feature.

How to create a technical role but restrict Publishing rights and User management rights?

To create a technical role that restricts publishing rights and user management rights, you can follow these general steps:
Identify the Requirements: Determine the specific permissions and capabilities that the technical role should have. Make a list of the functionalities that the role needs access to and those that should be restricted.
Create a Custom User Role: Utilize a plugin or implement custom code to create a custom user role with the desired name for the technical role. This can be done using WordPress' add_role() function or through a plugin that offers role management functionality.
Define Role Capabilities: Specify the capabilities that the technical role should have. You can use WordPress' add_cap() function or a role management plugin to assign capabilities to the custom user role. Ensure that the capabilities assigned to the role do not include publishing rights or user management rights.
Restrict Publishing Rights: To restrict publishing rights, remove the capabilities associated with publishing and editing content. This can include capabilities such as publish_posts, edit_posts, delete_posts, and other related capabilities. This ensures that the technical role cannot publish or modify content on the website.
Restrict User Management Rights: To restrict user management rights, remove the capabilities associated with managing users, such as create_users, edit_users, delete_users, and other relevant capabilities. This prevents the technical role from adding, modifying, or deleting user accounts.
Test and Refine: Test the custom role by logging in with a user assigned the technical role and verify that the desired restrictions are in place. Make any necessary adjustments to the role's capabilities to ensure that it aligns with your requirements.

How I can change the name of a role already created?

You can use the WP User Role Renamer plugin to rename the user roles. Here is the download link: https://wordpress.org/plugins/wp-user-role-renamer/

How to create 2 user roles with the same set of privileges

It is possible to create two user roles with the same set of privileges (capabilities) but restrict access to specific content for each role. Here's how you can achieve that:
Create Two Custom User Roles: Using a plugin or custom code, create two custom user roles named “Readers A” and “Readers B”. Assign the same set of privileges (capabilities) to both roles. This ensures that both roles have the same level of access and capabilities within the system.
Restrict Access to Specific Content: To make “Articles A” available only to “Readers A” and “Articles B” visible only to “Readers B”, you need to implement content restrictions based on user roles. This can be done using plugins or custom code.
Test and Verify: After implementing the content restrictions, thoroughly test the system to ensure that “Articles A” are only accessible to “Readers A” and “Articles B” are only visible to “Readers B”. Login with different user accounts assigned to each role and verify that the desired content restrictions are in place.

Create a Custom User Role For a WordPress Site the Right Way!

We are at the end of our article and we have shown two ways to create a custom user role-

  • Using a plugin
  • Using custom code.

Now it is up to you to decide which way you prefer. If you are sure about your technical skills then you should try the custom code method. But if you don't have the time and are not sure about your technical abilities then you should use the plugin method.

If you have any questions regarding the methods, do leave your questions in the comment section.

Subscribe to weDevs blog

We send weekly newsletter, no spam for sure

Rabbi
Written by

Rabbi

Software Engineer

Have something to say? Cancel Reply

Your email address will not be published.

Table of Contents