Contentstack provides four user roles: "Owner," "Admin," "Developer," "Content Manager," and "Custom Role." Let’s understand these roles in detail.
Creating a stack in Contentstack makes you the Owner of the stack. Each stack can have only one Owner, who has complete rights to the content and settings of a stack in addition to the combined rights of a "Developer" and a "Content Manager." Apart from this, the Owner has the right to delete a stack as well as transfer the ownership of the stack to another user.
The Admin role has the following rights:
- Create, update, delete, publish, unpublish entries and assets
- Create, update, delete languages, environment, content types and custom roles
- Invite users to and remove users from the stack
- View audit logs and publish queue
The Admin role has more rights than a Developer and fewer than the Owner. To know the difference, refer the Stack Admin vs Stack Owner section.
A "Developer" is a person who creates the structure of the site or defines the way content will appear on the site. Hence, this role has been assigned the following permissions:
- View audit logs
- Create Roles
- Invite users
- Create/edit/delete languages, environments, and content types
- All the rights of a Content Manager
To know the difference between the Admin and Developer roles, refer the Stack Admin vs Stack Developer section.
A ‘Content Manager’ is a user who works with/on the content of a stack. Thus, this role has been assigned the following rights:
- View content types
- Create/publish entries and assets
- View publishing queue
Note: Content Managers cannot edit content types or access stack settings. This role is partially editable, i.e., you can define the environment(s) and locale(s) this role has access to.
In addition to the predefined system roles (‘Admin’, ‘Developer’, and ‘Content Manager’), you can add custom roles by defining specific permissions, and assign this role to the users of a stack.
The best part about custom roles is that you have fine-grained control over permissions. You can assign permissions at entry, field, and asset level. For example, ‘ABC’ role can READ only two entries of a content type, or EDIT only the SEO fields, or cannot READ any assets.
Refer the Create role section to learn more.