Article read time - 5 minutes

WordPress builds upon its modular codebase to provide a robust system that manages user roles and capabilities. This ensures that each user can only access the functionality necessary to carry out the assigned role. However, the default roles might not cover all bases. Instead, you can work with WordPress’ custom user roles.

This isn’t a standard option for most users, unless you have coding knowledge. However, you can implement these using a plugin. It will represent a fantastic way for a site owner to set up custom roles for users, and make sure its security provision remains high.

In this post, we’re going to look at how to work with WordPress custom user roles, and a plugin to help. First, let’s give you a quick overview of WordPress’ user role functionality in general, then compare it to custom instances.

What a Custom User Role Is (Compared to Default Roles)

Before we get into the bulk of custom user roles, let’s go over what the concept is. These are essentially a way to define what a user can do on a site. While this doesn’t necessarily mean front-end users, it can include them.

WordPress offer a number of user role designations by default:

  • Admin. This user role can do everything on a site, and has the most power.
  • Editor. The role can publish and manage posts for all users.
  • Author. This is similar to an editor, but can only publish and manage its own posts.
  • Contributor. There are less privileges here than an Author, in that it can write and manage its own posts, but can’t publish them.
  • Subscriber. This is the lowest role you can set, and lets a user manage their own profile, but nothing else.
  • Super Admin. This is similar to an Admin, but is a special role for a Multisite network.

Each of these roles uses a combination of capabilities, and in most cases do everything you need. However, there are certain situations where you’ll want to make unique definitions for your own site. We’ll come onto the reasons for this next, but the solution is to define specific capabilities to create a WordPress custom user role.

This will let you put together a selection of capabilities and package them as a role, much like any other WordPress user role. Next, we’ll talk about why you’d want to do this.

Why You’d Want to Use Custom User Roles

The benefits of using WordPress custom user roles is much the same as its general-purpose siblings. You can use the Principle of Least Privilege (PoLP) to ensure users don’t access areas not specific to their job or task.

What’s more, you can keep access centered on a few chosen users, rather than use an open network of administrative roles. In the wrong hands, an Admin role can take down a site and even destroy a network of them.

Custom user roles apply the PoLP to your specific site. This ramps up the level of security, and makes sure that users work in a way related to your site only. You define the parameters and boundaries for those who access your site, and simplify usability in one fell swoop.

How to Create WordPress Custom User Roles

There are two ways you can create WordPress custom user roles. However, the manual way – using code – is beyond the scope of the article. What’s more, unless you develop WordPress products, it’s not the most efficient way to add user roles to your installation.

Instead, you should use a plugin dedicated to the task. User Role Editor is a top-tier and long-standing plugin that can help you adjust current user roles, and create custom ones:

We offer a basic introduction to this plugin in our other post on WordPress user roles. Once you install and activate the plugin, you’ll want to head to the Users > User Role Editor screen within WordPress:

user role wordpress

Here, you can change the current user roles on your site, but also add new ones. You’ll do this through the Add Role button on the right-hand side:

add user role wordpress

If you click this, a dialog box will appear that lets you enter a both a role name ID and a display name:

add role wordpress

The Make copy of option is handy, as it lets you copy the capabilities from one existing role to your new one. This is fantastic if you like a particular user role, and want to use it as a good foundation for your own.

Once you click the Add Role button, the plugin will create the new role and show a success message. At this point, it will be an exact copy of the existing role, but you can select the individual capabilities from the list to customize it. Note that you can also choose to show the capabilities in a ‘human-readable’ form.

To select capabilities, simply check the appropriate box. When you’re ready to cement your changes, click the blue Update button, and WordPress will do the necessary. As you’d expect, you can choose these new WordPress customer user roles anywhere you normally would:

choose role wordpress

You could also create your own capabilities with the User Role Editor plugin too. However, you would still need some knowledge of WordPress’ code base. While the option looks simple (given that it’s part of the menu), you’ll want to look over the plugin’s documentation before you attempt to add new capabilities for your roles.

Wrapping Up

User roles offer a fantastic way to set privileges, capabilities, and restrictions for those who use your site. This can keep your site secure, and make usability more straightforward for your users. WordPress’ custom user roles are the way you achieve this.

While you can implement custom user roles using code, a plugin is more accessible. The ever-popular User Role Editor plugin is a solid way to set up and manage custom user roles, along with the default instances too.

Do you need to set up WordPress custom user roles, and will this post help you? Let us know your thoughts in the comments section below!

wordpress support plans

Leave a Reply
Comment policy: We value comments and the time that visitors to our blog spend to give feedback. Please note that all comments are manually moderated and any deemed to be spam or promotional will be deleted.