A user is anyone who visits your website, including you, whether or not they have an account on the site. Drupal manages what different users can view and do on your site through an access control system that uses roles and permissions. Permissions are very granular and determine specific access, like "administer users", while roles bundle sets of permissions together to make them easier to assign to different users. Drupal core comes with 3 default roles: anonymous, authenticated, and administrator. You can add to this list and customize the permissions for all of them.

As a module developer, you can programmatically get information about users. You can also add your own custom permissions to the site to allow or restrict access to features or tasks.

Example tasks

  • Create a new user
  • Allow a user to create content
  • Define a role with a limited set of permissions


This is a stable core feature.

Drupalize.Me resources

For module developers


Drupal 7

More Guides

We have guides on many Drupal skills and topics.

Explore guides

External resources