Best Practices for User Permissions

When you are adding users to your Agility CMS instance it's important to think about what Role that user will have in managing your instance and your content.

Choosing the right permissions (roles) when adding users gives them a safe and streamlined environment when viewing or editing content. When adding users, you should select the bare minimum role that users will require.

This guide we'll go over some of the best practices when adding new users and permissions in your Agility CMS.

What we'll cover

Adding a user who can only view Content without Editing/Publishing

Adding a user with the Reader role permission will grant them access into your Agility CMS, but only allow then to view your content without being able to Edit or Publish new content or modify any of your Content Models.


The figure above shows a user with the Reader role permission. Buttons like Add New or Delete are revoked from this user and text fields are greyed out (uneditable).

Adding a user who should only be able to Edit/Publish Content

Adding a user with the Editor role grants them access to edit and create new items on the site.  This user, however, can only save content and not approve or publish items.


The figure above shows a user with the Editor role permission creating a new blog post.

Adding a user with the Publisher role grants them access to publish content or pages, in addition to edit access.


The figure above shows a user with the Publisher role permission creating a new blog post with the ability to publish.

Adding a user who can only manage specific Pages/Content

Sometimes you may want a user to be able to modify some specific content. This can be done by setting a user's role to Reader and setting security roles on the specific page or content item you want them to modify. Let take a look at an example of this.

After setting a user's permission to Reader, I want to go ahead and grant him the ability to only manage content within the Home Page.

On my Home page, I can navigate to the Security tab and add a new user to the list. This is a list of the users who have specific access to this item.


After selecting a user, I can then select the role I want to give them from the list and submit. In my case, I'll give this user Publisher permissions.


When the user is logged into Agility CMS with their new User Permission roles, the specific content (in this case the Home page) will be editable, but the other pages or content will not be.

Home Page (editable):


Contact Page (non-editable):




1 out of 1 found this helpful



Please sign in to leave a comment.