Typical Roles and Permissions That Get Implemented In An Episerver Project

After development has finished and testing has given the thumbs up, there comes the inevitable time on every project where the new shiny website everyone has waited for will be handed over to the business to be used in anger. It is a very bad idea to let every content editor have access to everything. Some people aren't technically minded and shouldn't be trusted to have the power to potentially take the whole website down. Some people should only be allowed to add content, other people may need access to reports or to just review and publish content. When handing over the website and you need to set up the roles and permissions for the content editors within the organization, you may wonder what roles do most organizations typically set-up? In today's tutorial, I'm going to cover a very standard configuration that I've seen used on many projects. This guide is aimed at people who are new to Episerver. These roles are the bog standard roles that must project use, however, each individual company's business processes will steer the exact roles and permissions that you will need to implement. On most projects, I will usually go and have a face-to-face conversation with the project sponsors, or, content team. Some users may be in more than one role, one person may be all roles, or there may be a separate person for each role. It’s all up to the business and it’s all customizable to the business needs.

How To Set Roles

If you go into the Episerver Admin episerver_admin_roles On the 'Admin' tab, in the 'Access Rights' section, go to 'Administrative Groups'.


This out of the box must have a role. The 'everyone' roles, is used to allow anonymous visitors permissions to view your web pages. On every Episerver project, the everyone role must have read access to all content that you want to be publicly available. Member Of: Read


Every project will need one or more admins. It is good practice to have more than one 'Administrators' accounts. Years ago, I had to do an onsite visit and the only admin for their website was ill that day. We needed to make some fundamental change and the only way to access the system was to hack the database. If the admin user person leaves, is ill, or on holiday, then panic can occur very quickly so I recommend having at least two admin accounts. Out of the box, Episerver comes with a default 'Administrators' group that has access to Read, Create, Change, Delete, Publish, and Administer, so setting 'Administrators' users is simply deciding who the 'power users' of the company needs to be and setting it. Usually, this will be you and the team. Member Of: Read Create Change Delete Publish Administrator As for the normal mortal, they will usually fall into one of the typical role buckets listed below:

Web Editors

Content Editors are usually marketing, or, web team people that will be in charge of editing content in Episerver. In a lot of instances, these users will only be able to create content and not delete it, or, publish it. Member Of: Read Create Change

Web Admins

Web Admins are trusted content editors, these people oversee the website's content delivery, they can create, delete and publish items. It's up to them to proof-read and approve content changes. Member Of: Read Create Change Delete Publish

Content Publisher

Typically, the Content Publishers are the marketing team managers that will make final decisions to approve the content and then publish it live to the web. Member Of: Read Publish

Marketing Analyst

Typically, the Marketing Analysts are the analytics guys who will be working with stats. Viewing reports custom admin report etc.. these are the guys analyzing the effectiveness of the marketing efforts and possibly putting together reports for higher ups. Due to the limited nature of the Episerver admin permissions, these users will normally need full permissions. If you have created custom admin pages, then they will need full access. Member Of: Read Create Change Delete Publish


In today's guide, I've covered some of the basic roles and permissions you will likely need to implement in your Episerver solution. The main groups most projects need are admins, everyone, editor and web admin.

Jon D Jones

Software Architect, Programmer and Technologist Jon Jones is founder and CEO of London-based tech firm Digital Prompt. He has been working in the field for nearly a decade, specializing in new technologies and technical solution research in the web business. A passionate blogger by heart , speaker & consultant from England.. always on the hunt for the next challenge

Back to top