- Each permission corresponds to a user role
- Each role is allowed to perform a set of actions called capabilities
- Each role may have one to many capabilities
- Allows redefining of built-in WordPress user role capabilities
- You can create as many user roles as you need
- Connections can create their own user roles and capabilities
Permissions help you design authorization rules for your apps through categorizing users to certain roles which can or can not perform predefined actions called capabilities.
Most capabilities are predefined(built-in) by WordPress. WPAS and external apps (through connections) can define additional user roles and capabilities as well.Read More
By enabling or disabling capabilities, you define authorization rules for entities, taxonomies, widgets, forms and views. The built-in WordPress roles can also be modified to support your app's authorization requirements. Unauthorized users see a message customizable per component basis.
As a general rule, if a capability is not assigned to any user role, it is assigned to visitors. Visitors are users who are not registered on your WordPress site.
- Ability to create custom roles