Skip to content Skip to footer navigation

Permissions

Permissions are the individual abilities you tick when building a role — view entries, edit assets, manage users, and so on.

Hot Tip!

Permissions get bundled into Roles, which you assign to users or user groups. Developers registering new abilities in PHP should see Custom Permissions.

A troll pointing a teaching stick

Overview#

A permission is a single capability, identified by a string handle (e.g. edit blog entries). You don't assign permissions directly to users — you add them to a role, then attach that role to users or groups.

Out of the box Statamic ships with the matrix below. Wildcard handles like {collection} or {site} expand once per matching item (one permission per collection, site, etc.).

Statamic's native permissions#

Permission Handle
Access the Control Panel access cp
Configure Sites configure sites
Configure Fields configure fields
Configure Form Fields configure form fields
Manage Preferences manage preferences
Access site access {site} site
Create, edit, and delete collections configure collections
View entries view {collection} entries
↳ Edit entries edit {collection} entries
  ↳ Create entries create {collection} entries
  ↳ Delete entries delete {collection} entries
  ↳ Publish entries publish {collection} entries
  ↳ Reorder entries reorder {collection} entries
  ↳ Edit other author's entries edit other authors {collection} entries
    ↳ Publish other author's entries publish other authors {collection} entries
    ↳ Delete other author's entries delete other authors {collection} entries
Create, edit, and delete navs configure navs
↳ View nav view {nav} nav
  ↳ Edit nav edit {nav} nav
Create, edit and delete global sets configure globals
Edit global variables edit {global} globals
Create, edit and delete taxonomies configure taxonomies
View terms view {taxonomy} terms
↳ Edit terms edit {taxonomy} terms
  ↳ Create terms create {taxonomy} terms
  ↳ Delete terms delete {taxonomy} terms
Configure asset containers configure asset containers
View asset container view {container} assets
↳ Upload assets upload {container} assets
↳ Edit folders edit {container} folders
↳ Edit assets edit {container} assets
  ↳ Move assets move {container} assets
  ↳ Rename assets rename {container} assets
  ↳ Delete assets delete {container} assets
View users view users
↳ Edit users edit users
  ↳ Create users create users
  ↳ Delete users delete users
  ↳ Change passwords change passwords
  ↳ Assign user groups assign user groups
  ↳ Assign roles assign roles
Edit user groups edit user groups
Edit roles edit roles
Impersonate users impersonate users
View updates view updates
Configure forms configure forms
View form submissions view {form} form submissions
  ↳ Delete form submissions delete {form} form submissions
Configure addons configure addons
Edit addon settings edit {addon} settings
Access utility access {utility} utility
Resolve Duplicate IDs resolve duplicate ids
View GraphQL view graphql

Need something that isn't in this list? Register a custom permission.

Author permissions#

Author permissions are a little bit special. They determine the control users can have over their own entries or those created by other authors.

Important!

This feature only has any effect if your entry blueprint has an author field. If you don't already have an author field, this functionality is not available.

A troll pointing a teaching stick

Site permissions#

When using the multi-site feature, Statamic will check for appropriate site permissions in addition to whatever it's checking.

For example, when you try to edit a blog entry in the french site, Statamic will check if you have both the edit blog entries and access french site permissions.

Super users#

Super users bypass the permission matrix entirely. They aren't granted each permission — they skip the checks. Use them sparingly.