Kentico Permissions, Roles, Memberships and Privilege Levels

Shivinder Singh asked on May 25, 2018 18:41

The way I'm understanding permissions, roles, memberships and privilege levels in Kentico is this:

  • Permissions are access to do specific granular tasks in Kentico application
  • Roles are permissions grouped together
  • Memberships are roles grouped together
  • Users can have roles as well as memberships

I noticed 3 built-in global roles:

  • Chat Support engineers (notice plurality)
  • CMS Global Administrator (notice singularity)
  • CMS Power Users (notice plurality).

What are privilege levels? When you edit a user, you need to select a privilege level of:

  • None
  • Editor
  • Administrator
  • Global Administrator

How do I create a role that mirrors the permissions available to Editor privilege level?

Recent Answers


Trevor Fayas answered on May 25, 2018 19:38

User has a permission type, none is basic, editor means access to the /admin area of Kentico but no permissions, they need to be assigned. Administrator means access to the assigned sites resources and modules, but no access to global, and global administrator is unadulterated access.

Next roles are a container for permissions.

Memberships contain uses and roles so you can group them, adding people to multiple roles simply by adding to a membership group that has the roles.

Permissions control what a user has access to, both operations (such as create it delete certain page types) but also user interface (such as access to the "form" tab on pages).

That's the best I can do for a summary, documentation goes into better detail and you will probably need to look into it to fully understand things.

0 votesVote for this answer Mark as a Correct answer

Trevor Fayas answered on May 25, 2018 19:42

Oh also role permissions for editors are additive, if you have two roles you get the combined permissions of both.

So for your example, you want to make the users editor type, and possibly leverage existing Kentico roles to give them basic permissions, then add roles that have the specific permissions you want to Grant them beyond the basic.

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.