Allow WordPress Users to Create Only Lower-level Accounts
WordPress arrives with five user roles that you’ll see on a new site.
- Subscriber
- Contributor
- Author
- Editor
- Administrator
These roles are in a hierarchy from Subscriber up to Administrator. Subscribers are at the bottom with very few permissions and each subsequent role has more permissions.
If you need a refresher on these roles, click below to find out more about each role:
- Subscriber permissions
- Contributor permissions
- Author permissions
- Editor permissions
- Administrator permissions
We had a question from a user who wondered if this hierarchy could be used when creating users. Is it possible to allow Authors to only create Subscribers and Contributors? Or is it possible to allow Contributors to create only Subscribers?
Yes, it is possible with the PublishPress Permissions Pro plugin.
PublishPress Permissions Pro has a feature called “User Management”. If this feature is enabled, it stops user from editing the account of anyone with a higher level. This feature has three options:
- any user: Users who can edit users can edit any user.
- equal or lower role levels: Users who can edit users can only modify users in their own role, or roles with less access.
- lower role levels: Users who can edit users can only modify users in roles with less access.
How to block WordPress users from managing higher-level users
To get started, you will need PublishPress Permissions Pro installed.
Next, create a user with the “Editor” role.
Third, you’ll need to edit the permissions for the Editor role. This is because, by default, only Administrators can create users in WordPress. I used the PublishPress Capabilities plugin to make sure Editors had these permissions:
These permissions allow them to access the “Users” link in the WordPress admin area and also create new user accounts.
Thanks to PublishPress Permissions Pro, this image shows what they will see. This new user can access Editor and Author accounts, but not the Administrator account.
If Editors do try to create a new user, they will not be able to choose the Administrator role: