Why and When You Should Set User Controls Within Your CMS

Setting user-based controls lets you not only user restrict access to the parts of the CMS they need to be in, but also create a better user experience for them overall.

Whether you’re building a client website by yourself or you’re working within a large agency with various contributors, your content management system really shouldn’t be a free-for-all. Sure, you want to empower your clients and employers to manage and edit their content. And you definitely want team members to have the ability to design, write, run campaigns and perform other tasks on their own.

When you give other users the ability to use your CMS intuitively, it allows you to focus on more important matters and also to not stress about what it is they’re doing in there.

In order to accomplish this, you’ll need to configure a system of controls, starting with role-based access. This will make the CMS interface more user-friendly while simultaneously reducing the incidences of user error.

In this post, we’ll explore various ways to put these types of guardrails up on your CMS.

Why You Need CMS User Control in the First Place

Some content management systems are overly simplified pieces of software. Modern drag-and-drop website builders are a good example of this. They’re very intuitive for even the most amateur of users to use. But the tradeoff is that they’re severely limited in terms of what they will allow you to accomplish.

The problem is that when you want or need something more robust, that means you need a more complex CMS or DXP.

As a web designer or developer, you likely won’t struggle with using this type of CMS out of the box. And if you discover an error or issue along the way, you’ll know how to navigate your way out of it easily enough.

The other people using your CMS might not be as adept as you are. At the same time, you don’t want to be the sole person responsible for adding and updating content, running campaigns, testing pages and so on.

So, the goal then is to empower your collaborators (be they coworkers, contractors, clients or employers) to use the CMS as intuitively as you do. But the best way to do that isn’t by providing end-to-end training on the CMS and giving them free access to everything. Training is essential, but it should only be on the parts of the CMS and tasks within it that are relevant to them.

The better solution is to tailor your CMS to different users and roles. This way, no matter how large your site gets, how many contributors work on it or how rigorous your workflows become, you’ll have a way to mitigate the risks associated with so much complexity. You’ll also keep your users from feeling intimidated or overwhelmed by everything they find in there, allowing them to master the specific aspects of the CMS they need to get the job done.

Ways to Enable User Controls Within Your CMS

Here are some things you can do to create a more user-friendly experience on the backend of your CMS while mitigating the risks of having tons of users working inside it:

1. Define User Roles

It’s always a good idea to establish user roles within a CMS. Everyone’s responsibilities are different and so there’s no need for everyone to have the same levels of access or capabilities. By grouping users together within certain roles, you can more effectively manage the permissions they have to use specific features as well as customize what they can and cannot see within the CMS.

Your CMS may have default user roles already set up for you. Here are some examples of what you may find:

• Administrator: This role has total access to the CMS. In addition, the admin is able to create and manage roles and users.
• Authors: This role is for writers, marketers and anyone else authoring content on the site. They’re given access to the pages and are able to create, edit and manage the content. This might also be a good role to assign to clients that you want to limit to the content management areas of the CMS.
• Editors: This role is for editors and content managers. They not only have the ability to manage content and taxonomies, but also content workflows.
• Designers: This role is for web designers and developers. They have access to all the tools needed to build the pages of the website or app. This includes creating templates, configuring website settings, applying custom CSS and JS, and more.
• Subscribers: This isn’t so much a role as it is a way to classify someone who has subscribed to your blog or newsletter on the frontend of your website. While they’re considered a “user” in the CMS, they have no access to the backend.
• Customers: This is another non-user role. This is someone who has made a purchase from your website. While they can’t access the backend, they do have access to a special customer portal where they can see account info, order history and more.

Many CMSes will allow you to delete roles you don’t need and create ones that don’t currently exist. It all depends on how complex your project is or how unique your workflows are. For instance, you might want to add a separate role for “Marketer” if you want marketing staff to focus on ad campaign management, SEO and the like.

Not every CMS comes with built-in marketing features, though, so you’ll need to consider what it is you need and what the CMS is capable of before creating new roles.

2. Restrict Access

With your user roles established, it’s time to define the rules and privileges granted to each. You’ll be able to decide things like:

• If they can access the backend
• Which parts of the backend they’ll see when they log in
• What sorts of capabilities they have within the various parts of the CMS

Using the role examples above, here’s what that might look like:

Administrators: This is you and anyone else you want to share the responsibility of site/CMS administration with. There are zero restrictions for this role.

Authors: They’ll be able to:

• Access pages, posts and other relevant content types
• Write and edit content
• Upload media assets
• Assign categories, tags and other taxonomies
• Enter details for SEO (like meta title, description, keywords, alt text, etc.)
• Customize slugs

Editors: They’ll be able to:

• Access pages, posts, and other relevant content types
• Add new pages
• Delete existing pages
• Write and edit content
• Upload media assets
• Assign and manage categories, tags and other taxonomies
• Enter details for SEO (like meta title, description, keywords, alt text, etc.)
• Customize slugs
• Create authoring workflows
• Assign content/tasks to writers
• Publish content to the site

Designers: They’ll be able to:

• Access pages, posts and other relevant content types
• Create, edit and delete pages
• Create designs and layouts for all pages
• Edit text
• Upload media assets
• Manage fonts
• Customize hyperlink structures and slugs
• Add features like search bars, contact forms, chatbots and more
• Set up ecommerce pages and functionality
• Create reusable templates
• Create global components
• Define global styles
• Configure A/B tests

Marketers: They’ll be able to:

• Add and update landing pages
• Create and manage user personas
• Configure lead scoring
• Create automated email sequences
• Set personalization rules for pages and content
• Run ad campaigns
• Review website analytics
• Oversee A/B testing

By clearly defining what each user does, you can craft a personalized CMS experience for them. This will enable them to work faster as they won’t get hung up on all the other distractions they would otherwise encounter in the CMS. You’ll also be able to keep them from accidentally creating errors that others (likely, you) will have to clean up.

3. Set Up Authoring Workflows

Editors, marketers, project managers and others who are in charge of ushering content through certain workflows have plenty of tools at their disposal outside of the CMS. For instance, they can use task management software like Trello and Asana to create workflows, assign tasks, communicate with team members, set deadlines and more.

However, some CMS come with workflow management capabilities of their own. And these capabilities often go beyond what you can do with third-party project management software.

For example, let’s say you’ve built a website with a really popular blog. You have top-tier writers contributing to the blog and most posts rank pretty well for their target keywords. As such, you don’t want to do anything that could compromise all the success you’ve had.

So, your editor has devised a workflow with the following steps:

• Blog Post Pitches: Contributors add ideas to a running list that the editor reviews.
• Approved & In Progress: Approved pitches move to the next stage. The topic gets assigned to the writer, a deadline is set and a new blog post draft is created.
• For Review: After the writer completes the post, they click the “Submit for Review” button which has taken the place of the usual “Publish” button.
• Awaiting Approval: The editor receives a notification that the post is ready for review. They either edit the post or send it back to the writer for rewrites.
• Scheduled: Once the post is in good working condition, the editor assigns it a publication date.
• Published: The post is published to the blog at the assigned time.
• For Promotion: The marketing team receives a notification about the new post. They add it to the upcoming newsletter, craft posts for each of their social media platforms and consider whether it’s worth promoting via ads.

By creating workflows like this within the CMS, the editor gains more control over the content creation process.

They enable contributors to work directly inside the CMS, which cuts out unnecessary steps like having to cut and paste text and images from a Google or Word doc and move them into a more collaborative environment. At the same time, they remove the writer’s ability to publish posts to the website, so that content only goes out when it’s 100% ready to do so.

These types of workflows aren’t just beneficial for blogs. You can set them up for all kinds of content creation.

For instance, you can create workflows for marketing campaign creation. Let’s say you’re creating personalized messaging for the home page based on user segmentation data. You could have your copywriter put the copy into an outside document. However, it would be more effective for them to craft the content within the context of the page. Because you don’t want them to alter what’s on the existing page, you add an approval step to ensure that the copy reaches you (or the editor) before the conditions are set and it goes live.

4. Create Reusable Templates

While user roles and privileges will allow you to define what different types of users can do in the CMS, they won’t allow you to control what users of the same type can do.

For example, let’s say you’re working on a new ecommerce project. It’s multichannel, so you’re developing a website and mobile app. Plus, you have tons of marketing campaigns and testing you plan to do.

In order to get the job done on time, you need to hire some contract designers to help. Even if you know and trust them, that doesn’t mean all of you will automatically be in sync when it comes to building out the pages and experiences.

With so many people contributing to the design, you could run into issues with inconsistent implementation. To reduce the likelihood of this happening, it would be valuable to create guidelines and templates that every designer has access to in the CMS.

For example, you might add the following:

• Style guide or design system
• Preconfigured UI widgets
• Premade templates for certain page types (like blog posts, ecommerce products, service pages, etc.)
• Global sections (like for calls to action)
• Structured content types so users have everything they need to create any type of page

Enabling version control is also a must when you have multiple contributors working in a CMS. This way, if someone deviates from these predefined rules and assets, you’ll be able to see who did it and when the change went into effect, and you’ll also have an easy way to roll back the page to a previous version if need be.

5. Add Custom Data Fields

Whenever someone is working on a page, new or old, it’s not just the design and the text they need to be concerned with. There are often related data fields that appear alongside those pages in the CMS.

For example:

• Excerpt
• Categories
• Tags
• Product attributes
• SEO title and description
• nofollow and noindex
• OpenGraph data
• Schema markup

One of the things I’ve noticed, especially when showing new users around a CMS, is that they either completely ignore these data fields or they fixate on them too much.

To make it easier on your users, you might want to consider customizing which data fields appear on different page/content types in the CMS. It would also be wise to determine which fields are required before content can be submitted. For instance, webpages wouldn’t need excerpts, categories, tags or attributes.

By removing irrelevant fields, you’d reduce user confusion when they go to populate this data on each page. It’ll also allow them to work more efficiently as they’re not having to waste time on fields that are irrelevant to what they’re working on and unnecessary to fill out.

You might also want to think about removing the fields all together based on who’s working on the page. For example, your editor or marketer might be better suited to filling in all this data prior to publication. This is yet another reason why authoring workflows are so beneficial to have.

Not every CMS includes this capability to pick and choose related data fields that appear on different page types. However, if you’re working in one that does, take advantage of this functionality as it’ll greatly improve the backend user experience.

Wrapping Up

We focus so much on crafting a great frontend experience for visitors and customers. But it’s going to be mighty difficult to create that experience if the backend of the CMS is too difficult for certain parties to use. Or if your content ends up being rife with errors.

While designers and developers are at an advantage here, you have to remember that other contributors aren’t as tech-savvy as you. And unless you want to get stuck having to create all of the content and make all of the updates to your site, you’re going to need to empower these users.

Training will be useful, for sure. However, creating a custom-tailored backend experience based on users’ roles and responsibilities will be hugely beneficial, too.

Now, every CMS is different. Some may not offer you all of the user controls discussed above. However, if you haven’t chosen a CMS for your project yet and this kind of access control is a priority for you, consider using Progress Sitefinity.