How to manage access to AAM page for other users

Sometimes there is a need to give access for other, none-administrator users to manage access to certain website resources likes posts and pages, metaboxes and widgets or API endpoints. You also do not necessarily what to give too many privileges like changing capabilities or creating new roles. That is AAM gives you flexibility to define very granular access also to the AAM page and its features.

Advanced Access Manager Customized

Prior to AAM v4.7, most of the access management to AAM functionality could be accomplished with ConfigPress configurations however I figured that it probably will be a little bit more transparent and intuitive if access control to AAM features can be accomplished with few custom capabilities.

By default, access to AAM functionality is granted only for users that have administrator capability (technically only users with the Administrator role) but in order for other none-administrator users to use AAM features, you can redefine this behavior with few simple steps.

Step 1. Redefine capability to AAM page itself.

The first step is to redefine the default access capability. Create custom capability aam_manager. Go to the Capabilities tab and on the top right corner hit + Create button. From this point only users with aam_manager capability checked, will have access to the AAM functionality. The aam_manager capability is enough to grand access to almost all functionality with few exceptions that we will mention below.

Note! Make sure that you do not misspell aam_manager capability. “R” in the end!

Step 2. Manage access to AAM features.

The next step is to define what actually user can do within AAM page and below is the list of all available capabilities with detailed description. Keep in mind that majority of AAM features are designed to manage settings for specific role, user, visitors or to everybody all together (Default settings). That is why you also have to make sure that when you grand access to specific AAM features, you also allow user to manage either list of roles with aam_manage_roles capability; manage users with aam_manage_users capability; manage visitors with aam_manage_visitors capability.

It is strongly discouraged to give ability for other users to manage Default access settings as they will affect your administrator user too. However if you really need to do that, make sure that your desired user has aam_manage_default capability.

Please note! AAM has integrated users/roles filtering that is based on user levels so you should not worry that user with lower user level will be able to manager users and roles with higher user level. For more information about this feature please refer to the WordPress Users and Roles Filter article.

List of customer capabilities

Below is the complete list of capabilities that are currently supported by AAM core however please do not hesitate to contact me directly if you have any questions of need more flexibility with additional capabilities.

aam_manage_admin_menu
Grant access to the Admin Menu feature
aam_manage_toolbar
Grant access to the Admin Toolbar feature
aam_manage_metaboxes
Grant access to the Metaboxes & Widgets feature
aam_manage_capabilities
Grant access to the Capabilities feature. Note! It is most likely you would not want to give access to this feature
aam_manage_posts
Grant access to the Posts & Pages feature
aam_manage_api_routes
Grant access to the API Routes feature
aam_manage_access_denied_redirect
Grant access to the Access Denied Redirect feature
aam_manage_login_redirect
Grant access to the Login Redirect feature
aam_manage_logout_redirect
Grant access to the Logout Redirect feature
aam_manage_404_redirect
Grant access to the 404 Redirect feature. This feature is available only on the Default level for all users, roles and visitors.
aam_manage_settings
Grant access to the Settings feature
aam_manage_extensions
Grant access to the Extensions feature
aam_manage_ip_check
Grant access to manage IP Check. Available only with premium IP Check extension
aam_show_notifications
Show AAM Notification Panel if any reported
aam_manage_roles
Allows user to see and manager the list of roles
aam_manage_users
Allow user to see and manager the list of users.
aam_manage_visitors
Allow user to manage access for visitors
aam_manage_default
Allow user to manage default access to all users, roles and visitors. Note! It is not recommended to give access to this functionality as it may affect administrators
aam_create_roles
Allow user to create a new role
aam_edit_roles
Allows user to edit existing roles
aam_delete_roles
Allow user to delete existing roles. Note! By default, AAM does not allow to delete any existing role that has one or more users assigned to it
aam_toggle_users
Allow user to lock/unlock other users
aam_switch_users
Allow user to switch to other user

Conclusion

Advanced Access Manager probably the only plugin that allows you to manage access to its interface. Typically you get all or nothing however with AAM you have flexibility to delegate some of the access management routines to other users without giving them administrator privileges.

Get notified about important updates and new features (no more than one email per month).