WooCommerce User Roles and Capabilities: A Complete Guide

Running an eCommerce store requires a lot of work and people. It goes the same for your online store. This is where WooCommerce user roles and capabilities come in. In our guide, we will discuss user roles and permissions in WooCommerce. 

eCommerce stores are different from any regular WordPress sites. That is why WooCommerce added some extra roles to manage eCommerce sites built on WooCommerce. As users with particular roles have different capabilities, you need to know about the roles and their permissions to assign WooCommerce roles to any users. 

Also, for some security reasons, you may need to edit WooCommerce user roles to limit and extend the capabilities of the assigned roles. Don’t worry! We are going to discuss all these in this article. Let’s get started.

What Are WooCommerce User Roles and Capabilities?

In WooCommerce, there are several user roles with different capabilities. You can add as many team members as you want to these roles.

WooCommerce User Roles and Capabilities

Here’s a breakdown of the default user roles and their capabilities:

  • Shop Manager: This role has full control over the store. They can manage products, orders, coupons, and other aspects of the shop. Shop Managers can also manage other users’ roles and capabilities.
  • Customer: Customers are regular users who can browse products, place orders, and view their order history.

Apart from these default roles provided by WooCommerce, you can customize roles and capabilities using WordPress role manager plugins or custom code. For example, you might create custom roles such as “Wholesale Customer” with specific capabilities tailored to wholesale operations. Or maybe, you want to define the capabilities of the existing roles, you can do that too.

Are WooCommerce User Roles Different from WordPress Default User Roles?

As WooCommerce sites are different from regular WordPress sites, the roles are different, and also their capabilities. WooCommerce roles are specific to the eCommerce operation of the site. WordPress by default has some roles. The default roles in WordPress are:

  • Administrator: Administrators have full control over the site. They can perform all administrative tasks, including managing plugins, themes, users, and settings. Administrators also can edit, publish, and delete any content on the site.
  • Editor: Editors can publish, edit, and delete any posts, pages, and custom post types. They can also moderate comments, manage categories and tags, and upload files.
  • Author: Authors can publish, edit, and delete their posts. They can also upload files and manage their profile.
  • Contributor: Contributors can write and edit their posts, but they cannot publish them. Instead, their posts need to be reviewed and published by an editor or administrator.
  • Subscriber: Subscribers have the most limited capabilities. They can only manage their profile by changing their password or email address. Subscribers cannot create or edit content on the site.

As WooCommerce stores are built on WordPress, all WooCommerce sites get the default WordPress roles, When WooCommerce is installed 2 more roles Shop Manager, and Customer roles are added to the list.

How to Add a Shop Manager to WooCommerce Store

Adding a Shop Manager to your WooCommerce store takes several steps. You can create a new user with the “Shop Manager” role in WordPress easily. Here’s how you can do it:

Go to the WordPress dashboard and navigate to ‘Users’ > ‘Add New’.

WooCommerce User Roles and Capabilities

Fill in the user’s details, including username, email, and password, then set their role to ‘Shop Manager’.

Note: If you don’t have WooCommerce installed on your site, you won’t see the Shop Manager role in the dropdown.

Review the details, make sure to select the option to send the user notification email if needed, and click ‘Add New User’ to grant them Shop Manager access.

Difference Between Admin Roles and Shop Manager Roles in WooCommerce

The Administrator role in WooCommerce provides full access to all WordPress and WooCommerce functionalities, allowing users to manage themes, plugins, and core settings, and modify any user accounts and roles.

In contrast, the Shop Manager role is restricted to managing WooCommerce-specific functions, including handling products, orders, and viewing reports. Still, it does not have permission to modify themes, plugins, or core WordPress settings. This delineation ensures that Shop Managers can focus on e-commerce operations without accessing broader site administrative features.

Below is a table showcasing the differences in capabilities between the Administrator and Shop  Manager roles in WooCommerce:

CapabilityAdministratorShop Manager
Full Site AccessYesNo
Plugin and Theme ManagementYesNo
Modify User RolesYesNo
Core WordPress SettingsYesNo
WooCommerce SettingsYesYes
Add/Edit/Delete ProductsYesYes
Manage OrdersYesYes
View ReportsYesYes
Handle CouponsYesYes
Change Site DesignYesNo
Update and Manage WidgetsYesNo
Security SettingsYesNo
Install Plugins/ThemesYesNo
Manage Other PluginsYesNo
Backup and Restore SiteYesNo
Difference Between Admin Roles and Shop Manager Roles in WooCommerce

This table represents the permissions granted to each role, highlighting the full control Administrators have over the WordPress and WooCommerce environment compared to the more limited, WooCommerce-focused access granted to Shop Managers.

How to Add Custom User Roles to WooCommerce Store

Apart from the default roles, you can add a custom role to a WooCommerce store by utilizing WordPress hooks and functions. Here’s a step-by-step guide on how to do it:

Create the Custom Role: You’ll need to add a new role using WordPress’s add_role() function. This function should be executed during the activation of your plugin or theme, or as a one-time action when needed.

function add_custom_role() {

    add_role(

        'custom_role', // Role slug

        'Custom Role', // Role name

        array(

            'read' => true, // Adjust capabilities as needed

            'edit_posts' => true,

            // Add more capabilities as needed

        )

    );

}

add_action('init', 'add_custom_role');

This code creates a role named ‘Custom Role‘ with basic capabilities like reading and editing posts. You can adjust the capabilities array to match your specific requirements.

Assign Capabilities: You can assign capabilities to the custom role using the add_cap() function. This allows you to fine-tune the permissions of the role beyond the defaults.

function add_custom_role_caps() {

    // Get the custom role object

    $role = get_role('custom_role');

    // Add capabilities

    $role->add_cap('edit_products');

    $role->add_cap('manage_woocommerce');

    // Add more capabilities as needed

}

add_action('admin_init', 'add_custom_role_caps');

This code adds additional capabilities to the ‘Custom Role’, such as editing products and managing WooCommerce settings. Adjust the capabilities according to your requirements.

Remove the Custom Role: If needed, you can remove the custom role using the remove_role() function. This should be executed during the deactivation of your plugin or theme or as a one-time action when needed.

function remove_custom_role() {

    remove_role('custom_role');

}

register_deactivation_hook(__FILE__, 'remove_custom_role');

This code removes the ‘Custom Role‘ when your plugin or theme is deactivated.

Make sure to replace ‘custom_role’ with your desired role slug and adjust capabilities according to your specific needs.

How to Add a Custom Role for WooCommerce Store With a Plugin

Apart from the default roles on your WooCommerce store, you can add a custom role with different capabilities with WordPress plugins. 

You can use the User roles editor by FMEAddon for that. Get the plugin from the WooCommerce extension library. Install as you install any other plugin on your website.

Go to your WordPress dashboard > WooCommerce > FME User Roles, click on “Add role

How to Add a Custom Role for WooCommerce Store With a Plugin

Now enable/disable capabilities to give or limit permission on different actions for that particular role.

How to Add a Custom Role for WooCommerce Store With a Plugin

How to Customize Capabilities of WooCommerce Roles 

You can also modify the default WooCommerce role or edit any new role you may have created. For that, you need to install the User roles editor by FMEAddon plugin too.

Go to your WordPress dashboard > WooCommerce > FME User Roles, and click on Edit on any role you want to customize. Let’s say you want to customize the Shop Manager role in the WooCommerce store. 

How to Customize Capabilities of WooCommerce Roles 

Click on “Edit” on that particular role and enable/disable capabilities to give or limit permission on different actions.

How to Customize Capabilities of WooCommerce Roles 

Click on “Save Changes” once you are done. You can customize the capabilities of any user role of the WooCommerce store with this plugin. 

WooCommerce User Roles and Capabilities Best Practices 

When managing user roles and capabilities in WooCommerce, following best practices can help ensure your store operates smoothly while maintaining security and efficiency. Here are some key best practices for managing WooCommerce user roles and capabilities:

  • Limit Access to Necessary Permissions Only: Only assign user roles that provide the permissions necessary for individuals to perform their job functions. Over-privileging users can lead to security risks or accidental configuration changes.
  • Customize Roles for Specific Needs: If the built-in roles don’t fit your needs perfectly, consider using a plugin like “Members” or “User Role Editor” to create custom roles in the WooCommerce store or modify existing ones. This allows for more granular control over what users can see and do within your store.
  • Regularly Review User Access: You need to review who has access to your WordPress and WooCommerce backend, especially after changes in staff or contractors. Be sure to remove or downgrade access for those who no longer need it to minimize potential security vulnerabilities.
  • Strong Authentication Practices: Encourage or enforce strong passwords using plugins that enforce password rules. Consider implementing two-factor authentication (2FA) for additional security, especially for roles with more capabilities.
  • Educate Users on Security Practices: Ensure that all users, particularly those with administrative or managerial access, are trained on security best practices, like recognizing phishing attempts and securing login credentials.
  • Audit and Monitor Activities: Use auditing and monitoring tools to keep track of changes and activities performed by users within your store. Plugins like Activity Log can help you monitor and record user actions, providing an audit trail in case of issues.

By implementing these best practices, you can ensure that your WooCommerce store is secure, efficient, and tailored to meet your business needs while minimizing risks associated with user management.

Understanding WooCommerce roles and permissions is crucial when it comes to managing a WooCommerce store. You need to know what roles are capable of doing what in your store. Learn WooCommerce roles and capabilities before assigning anyone new roles. Good luck!

Amie Suzan
Amie Suzan

As a seasoned WordPress technical writer with five years of experience, I am passionate about WordPress and web development. I also enjoy traveling, particularly solo trips, which allow me to explore new places and gain fresh perspectives.

Articles: 87

Newsletter Updates

Enter your email address below and subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are marked *