Roles and Permissions

Learn about UBCMS roles and permissions or submit changes to allow or restrict access to your site. Be sure to have individuals removed from the UBCMS when they are no longer assigned to the UBCMS or leave your unit.

On this page:

Last reviewed: October 19, 2021

About UBCMS Accounts

The UBCMS uses UBIT's LDAP directory so you must have an active UB account (UBITName) to access the UBCMS. That means you must be directly affiliated with UB in one of the following ways:

  • Employee (staff or faculty)
  • Current student, working for a university office
  • Volunteer appointment   

Individuals without UBITNames must be sponsored by their unit to be granted a volunteer appointment through University Human Resources.

Roles and Permissions

To ensure the integrity of your site, we only permit Unit Web Leaders, Site Owners or Managers to request changes to the permissions associated with UBCMS user profiles.

These roles are always connected with one or more specific sites within the UBCMS. (Site access includes parallel access to related shared content and DAM files.)

People may have more than one role in developing or managing your website, and their needs may correspond to one or more of the UBCMS permission categories.

Basic Roles
Role Permissions
  • Viewers are the most basic role in the UBCMS. They can view but cannot create or modify pages in the authoring environment. Viewers can see, but not modify page annotations.
  • This role is often recommended for hands-off strategic leads, content proofreaders and reviewers.


  • Authors do the lion's share in the UBCMS. They can view, create, move or delete pages in the authoring environment, as well as modify most of the content on those pages, except the header, footer and related links.
  • Only Publishers should move or delete pages that have been activated/published.
  • Specialists are Authors with access to additional features, such as site configuration files, which control navigation, headers and footers, Design Mode. and CRXDE, which provides access to styling and other site-wide settings.
  • Normally only a tech lead, developer or site manager would need this level of access.
  • Publishers can view and activate ('publish') pages in the authoring environment, making them viewable by visitors on the corresponding public website. Publishers can also deactivate those pages, removing them from the public site. Unless they also are Authors, they cannot create or delete pages, or modify the content on those pages.
  • Only Publishers should move or delete pages that have been activated/published.
Admin Roles
Role Permissions

Can create or modify UBCMS user permissions using the (new) Group Manager Tool.

Tag Admin

Can create or modify UBCMS tags. Each site can request an admin to locally manage their site's tags.

User Admin

Can create or modify UBCMS user permissions. Each site can request an admin to locally manage their site's users.

Workflow Editor/Approver

Editors who can complete a workflow subroutine; e.g. approve & activate a modified page.

Workflow Participant/User

Authors who can initiate a workflow; e.g. indicate a page has been modified and ready for activation.

Pilot groups are testing User Admin control at the site level.

User Management

  • 4/19/21
    Adjust user roles in the permissions groups that control access to sites in the UBCMS authoring environment.

Was This Information Helpful?

(so we can thank you or request more details)
( addresses only please)