Wikidata:User access levels
A user's ability to use certain interface features are determined by the user rights that user has. Despite the term user right, extra permissions are privileges that require the trust of the community. This page summarizes them.
- 1 Overview
- 2 User groups
- 2.1 Automatically granted
- 2.2 Manually assigned
- 2.2.1 Administrators
- 2.2.2 Bureaucrats
- 2.2.3 Translation administrators
- 2.2.4 Bots
- 2.2.5 Flooders
- 2.2.6 Subsets of administrator access
- 2.2.7 Functionary permissions
- 3 Table
- 4 Notes
All users are part of the
* group in MediaWiki (denoted as "Unregistered users" in the table), and all user accounts are part of the
user group (denoted as "Registered accounts" in the table). Except for the
autoconfirmed pseudo-group, which all users who have passed the age and activity requirements are in, only those groups are automatically granted. Autoconfirmed status for an account requires at least 4 days of age and at least 50 edits (90 days and 100 edits if editing through a Tor node; the abuse filter can revoke and/or delay automatic granting of this right, but no filters are currently configured to do so). The
confirmed user right can be manually assigned by administrators to accounts which don't meet this requirement, which provides equivalent permissions. Extra permissions like administrator access can only be assigned to registered user accounts.
'*' in the software configuration settings, this includes any user on Wikidata. They may create and edit most pages (if not protected or in the MediaWiki: (interface) namespace). Unregistered users are identified by their IP addresses when making edits. Any unregistered user, if not blocked from doing so, may create an account for themselves at Special:CreateAccount. They are limited to 8 edits per minute and must answer a CAPTCHA prompt when adding new external links.
Any logged-in user may maintain a watchlist at Special:Watchlist, and may email any other user (unless blocked from doing so) by using Special:EmailUser. While they no longer have the editing rate limit, they must still answer a CAPTCHA prompt when adding new external links until they become autoconfirmed or confirmed.
An account with at least 4 days of age and at least 50 edits (90 days and 100 edits for editors from Tor nodes; abuse filter can potentially delay or revert automatic promotion) is said to be autoconfirmed. Any user account which does not meet these requirements can be granted the confirmed permission and receive the same permissions. Autoconfirmed users no longer need to respond to CAPTCHAs for most actions, can edit semi-protected pages, and can move most pages (except items and properties, which are simply renamed by changing the appropriate labels instead).
- Main page: Wikidata:Administrators
Administrators, also known as sysops, are trusted with tasks such as blocking users, protecting pages (and editing fully-protected pages), and deleting pages. Administrator access is assigned to users who pass a successful request for permissions, by bureaucrats. They can assign rollback, confirmed user, IP block exempt, autopatrolled, and property creator status to other users, and can assign translation administrator and flooder status to themselves (but not other users). They automatically have access to all permissions they can assign (except translation administrator and flooder) - for example, administrators can create properties without assigning themselves the right.
- Main page: Wikidata:Bureaucrats
Bureaucrats can add administrator, bureaucrat, bot, flooder and translation administrator status to any user, and remove bot, flooder and translation administrator status (removal of either administrator or bureaucrat status must be done by stewards). They also can rename users. The process for gaining bureaucrat status is similar to administrator status, but the requirements are higher, and generally only existing administrators are successful.
- Main page: Wikidata:Translation administrators
Because Wikidata is a multilingual wiki, it uses the translate extension, and translation administrators are users with access to administrative functions of the extension. Normal administrators may assign the right to themselves without filing a request, but all other users must make a request at Wikidata:Requests for permissions/Translation administrator, and a local bureaucrat will assign the right to those who provide a good reason.
- Main page: Wikidata:Bots
Bots are automated and/or semi-automated accounts that perform repetitive, generally-simple, tasks that humans would find tedious to perform. Such accounts are given the bot flag by a bureaucrat, after a successful request at Wikidata:Requests for permissions/Bot. They may make edits at very fast rates, and are hidden from recent changes and watchlists.
- Main page: Wikidata:Flooders
The flood flag is intended for repetitive actions performed by human users. Like the bot flag, the flood flag hides edits and log actions from Special:RecentChanges and watchlists. Administrators can add the flag to their own account if necessary; other users can be granted the flag by a bureaucrat per request at Wikidata:Bureaucrats' noticeboard. The flood flag is not a permanent user right, so every flooder can remove the flag themselves when the respective actions are done.
Subsets of administrator access
The following groups give rights to users that administrators already have. All can be assigned or removed by administrators and requested at Wikidata:Requests for permissions. They do not require election, but administrators are expected to use their judgement when assigning them.
- Main page: Wikidata:Autopatrollers
This right has been deprecated. An autopatrolled user's edits are automatically marked as "patrolled", and autopatrolled users can patrol edits of users who are not autopatrolled by marking them as "patrolled". The right was generally granted to users whose edits are clearly not problematic. After the removal of this group, all autoconfirmed and manually confirmed users have their edits automatically marked as "patrolled".
- Main page: Wikidata:Rollbackers
Rollback is a simple tool that can allow fast reverting of vandalism or other obvious abuse. When the "rollback" link is clicked, the latest edit to the page is reverted with an automatic edit summary, currently "Reverted edits by <reverted user> to last version by <user whose edit was reverted to>". In addition, if the second-latest edit was also made by the same user as the latest, that edit is also reverted. All edits are reverted to the latest version by a user other than the user who was reverted. Rollback is generally assigned to those who demonstrate active vandalism and spam combating on Wikidata.
- Main page: meta:Global rollback
Global rollback is a global group assigned by stewards. Members of this group have access to rollback on all Wikimedia wikis and may use that access on Wikidata. In addition to local rollback, global rollbackers are automatically granted autoconfirmed and autopatrolled access (except the ability to patrol others' edits), and can suppress redirects when moving pages.
- Main page: Wikidata:Confirmed users
This group gives the same rights as autoconfirmed users to trusted users who don't meet the requirement for automatic promotion.
IP block exempt
- Main page: Wikidata:IP block exemptions
If an IP address is blocked with the option to not allow logged-in users to edit, this permission allows editing from such IP addresses. It is granted only to those who need it and can be trusted not to abuse it, and CheckUser may be used to verify that need.
- Main page: Wikidata:Property creators
New properties can only be created by users in this group or administrators, as properties should be discussed before being used.
- Main page: Wikidata:Account creators
The account creator user right grants access to a tool which permits trusted Wikidata contributors to make a large number of accounts for other people who request them.
These permissions, due to their potential privacy implications, require all members of their respective groups to be at least 18 years of age, of age of majority in their resident country, and identified to the Wikimedia Foundation. Exceptions may only be granted by the Wikimedia Board of Trustees. Functionary permissions (including access for new stewards) can only be assigned by existing stewards.
- Main page: meta:Stewards
Stewards have access to MediaWiki interface on all Wikimedia wikis, and unlike administrator and bureaucrat status, is a global permission that is elected annually. Stewards serve 1-year terms before they must be reconfirmed. They can change any and all user rights, and serve as members of groups a particular wiki does not have. They will also act as CheckUsers until Wikidata elects local CheckUsers, and when Wikidata does select such users, stewards will be tasked with assigning them.
- Main page: Wikidata:CheckUser
The term CheckUser refers both to a member of this group of users and the tool they have access to. CheckUser allows members of this group to examine the IP address data of logged-in users, which is otherwise private information. Its primary purpose is to investigate sock puppetry. CheckUser access, like Oversight access, is granted after at least 25 support votes and at least 80% support after at least 2 weeks of discussion. However, Wikidata does not have any local members of this group, so stewards act as CheckUsers until Wikidata has elected its own.
- Main page: Wikidata:Oversight
The term oversight refers to the name of the extension that was originally used for this purpose until it was replaced by RevisionDelete. Administrators can also apply RevisionDelete to particular edits or log actions, but oversighters can also hide the information from even administrators. It is done to hide either otherwise-private information or libellious information that even administrators should not have access to. Oversight access is approved after 2 weeks of discussion and at least 25 supporting votes at a request for access. On Wikidata, only existing administrators can become oversighters.
- Main page: meta:Ombudsman commission
The ombudsmen are a global group that investigates complaints about privacy-related misuse of CheckUser and/or Oversight. They have global CheckUser access and global access to oversight logs (but not the actual ability to perform oversight actions), but do not normally use this access except for their duties of investigating complaints about the use of CheckUser and/or Oversight. They are appointed by Wikimedia Foundation officers for terms of approximately a year.
This table excludes the staff and sysadmin global groups, since they are for the use of Wikimedia Foundation staff only, and excludes the unused local groups account creators, importers, and transwiki importers.
|Allows user(s) to…||Blocked users||Unregistered
|Bots||Administrators||Bureaucrats[note 1]||Other groups|
(all groups with links to Meta are global)
|abusefilter-log||view the abuse log||steward, Abuse_filter_helper (global group without policy page)|
|abusefilter-log-detail||view detailed abuse log entries||steward, global rollbacker, Abuse_filter_helper (global group without policy page)|
|abusefilter-log-private||view all details for abuse log entries of private filters. All users with abusefilter-modify inherit this.||steward, Abuse_filter_helper (global group without policy page)|
|abusefilter-modify||modify abuse filters||steward|
|abusefilter-modify-restricted||modify abuse filters with restricted actions||steward|
|abusefilter-view||view abuse filters||steward, Abuse_filter_helper (global group without policy page)|
|abusefilter-view-private||view abuse filters marked as private||steward, Abuse_filter_helper (global group without policy page)|
|abusefilter-revert||revert all changes by a given filter||steward|
|apihighlimits||request API queries in batches of 5000 rather than 500||steward, API_High_Limits_Requestors (global group without policy page)|
|autoconfirmed||edit semi-protected pages||steward, global rollbacker, interface editor|
|autopatrol||have one's edits automatically patrolled||steward, global rollbacker, autopatroller|
|bigdelete||delete pages with over 5000 revisions||steward|
|block||block and unblock IP addresses, IP address ranges, and accounts from editing||steward|
|bot||be treated as an automated process||flooder|
|checkuser||examine private IP address information of users (see above)||checkuser[note 2], ombudsman|
|checkuser-log||view the log of CheckUser actions||checkuser[note 2], ombudsman|
|createaccount||create a new user account (for themselves or someone else)|
|createtalk||create talk pages|
|delete||delete pages with 5000 or less revisions (bigdelete is also required for pages with more than that)||steward|
|deletedhistory||view the deleted history of a page and a list of a user's deleted edits||steward, ombudsman|
|deletedtext||view the text of a deleted edit||steward, ombudsman|
|edit||edit any existing page that is not protected and not in the MediaWiki namespace||steward, interface editor|
|(no technical name)||edit own talk page|
|import||import pages from another wiki||steward|
|importupload||import pages to the wiki from an XML dump||steward[note 4]|
|ipblockexempt||edit from an IP address under a hard block (a block that would otherwise not permit registered users to edit)||steward, IP block exemptions|
|markbotedits||mark rollback edits as bot edits by adding &bot=1; the edits are hidden from Special:RecentChanges and watchlists like normal bot edits||steward, global rollbacker|
|move||move pages to new titles (this operation is only supported for non-property and non-item pages)||steward, global rollbacker|
|movefile||move files to new titles (this is only included in the table for the sake of completeness, as uploads are disabled on Wikidata)||steward|
|move-rootuserpages||move root (non-subpage) userpages.||steward|
|move-subpages||move all the subpages of a page while moving it||steward|
|nominornewtalk||minor edits by a user with this right to another user's talk page do not trigger a "You have new messages" for the user whose talk page was edited|
|noratelimit||not be affected by rate limits||steward, global rollbacker|
|override-antispoof||not get affected by the AntiSpoof extension, which blocks the creation of usernames with mixed-script, confusing, or impersonating usernames, but sometimes produces false positives.||steward|
|oversight||view a revision previously hidden with the Oversight extension. This is only included for completeness, since Wikidata is newer than RevisionDelete and all oversight actions on Wikidata are performed using the new RevisionDelete system.||steward, oversighter|
|pagetranslation||mark revisions of a page for translation||translation administrator|
|patrol||patrol unpatrolled edits (those made by users without the autopatrol permission)||steward, autopatroller|
|property-create||create properties||property creator|
|protect||change the protection levels of a page, edit protected pages||steward, interface editor[note 5]|
|purge||purge the site cache by adding &action=purge to URL|
|reupload||overwrite existing unprotected files. This is only included for the sake of completeness, because file uploads on Wikidata are disabled.||steward|
|reupload-own||overwrite existing unprotected files uploaded by self only. This is only included for the sake of completeness, because file uploads on Wikidata are disabled.||steward|
|reupload-shared||upload a file locally, even if it already exists in the shared media repository (in this case, Commons). This is only included for the sake of completeness, because file uploads on Wikidata are disabled.||steward|
|rollback||use the rollback feature to quickly revert a series of edits (see above)||steward, global rollbacker, rollbacker|
|sendemail||use Special:EmailUser. Users must confirm their email address before they can use this feature.|
|skipcaptcha||perform CAPTCHA-triggering actions without having to answer a CAPTCHA||steward, global rollbacker|
|suppressredirect||have the option of not leaving a redirect behind when moving a page||steward, global rollbacker, interface editor|
|suppressrevision||hide, unhide, and view revisions hidden from administrators.||steward, oversighter|
|suppressionlog||view the log of oversight actions||steward, ombudsman, oversighter|
|tboverride||override the title blacklist||steward, interface editor|
|translate||edit using the translate interface|
|translate-groupreview||change workflow state of message groups|
|translate-manage||manage message groups||translation administrator|
|undelete||undelete (restore) deleted pages||steward|
|unwatchedpages||view Special:UnwatchedPages, which lists pages which are not on anyone's watchlist||steward|
|upload||upload files. This is only included for the sake of completeness, as uploads are disabled on Wikidata.||steward|
|userrights||change the user rights of a user||- flooder (for self only)||- flooder (for self only)||- flooder (for self only)||+/- rollbacker
+/- IP block exempt
+/- property creator
+/- translation administrator (for self only)
+/- flooder (for self only)
+/- translation administrator (for any user)
+/- flooder (for any user)
|writeapi||use of the write API|
|Allows user(s) to…||Blocked users||Unregistered
|Bots||Administrators||Bureaucrats[note 1]||Other groups|
(all groups with links to Meta are global)
- Most if not all bureaucrats are also administrators, and so have the permissions of administrators too.
- Stewards fulfill this role by temporarily assigning themselves to the checkuser group and then removing it when they are done.
- Local administrators are not assigned this particular permission, but are assigned both editusercss and edituserjs, which provides equivalent functionality.
- The local import group might sometimes be used for this purpose, and it has import and importupload. However, currently it can only be assigned by stewards, and it is not in use. Wikidata currently does not have policy on this group, so it is considered to be unused.
- Interface editors normally do not change the protection levels of a page, and only use their access to edit protected pages.