Function and Purpose
The Joomla user system governs access to content and administrative functions. Each user has their own account with login credentials, profile information and an assigned user group. Access rights (ACL) are managed through these groups and assignments via the access control (ACL).
Creating and Managing Users
- Create: New users are created in the backend under Users → Manage → New. There you set the name, login details and permissions.
- Groups and roles: Users are assigned to one or more user groups to define permissions.
- Frontend registration: Depending on the site settings, visitors can register themselves and are automatically given a predefined role (e.g. “Registered User”).
- Profile management: Extensions like “User – Profile” enable additional fields and settings in the user account.
Overview of User Roles
- Registered User: Can log in, view protected content and edit their profile.
- Author: Can write and save their own articles but cannot publish them.
- Editor: Can edit all articles but cannot publish them.
- Publisher: Can publish and unpublish articles.
- Manager / Administrator: Access to the backend with extended administrative rights.
- Super User: Full access to all functions, including global settings and user management.
Important Notes
- Password protection: Use strong passwords and optionally enable two-factor authentication.
- Privacy: User accounts contain personal data — ensure GDPR-compliant settings and deletion routines.
- Review permission assignments: Avoid granting unnecessarily high permissions to reduce security risks.
- User activity: Modules or plugins can show which users are currently logged in.