Wikidata:User access levels

From Wikidata
Jump to navigation Jump to search

A user's ability to use certain interface features are determined by the user rights that user has. Despite the term user right, extra permissions are privileges that require the trust of the community. This page summarizes them.


All users are part of the * group in Wikidata (denoted as "Unregistered users" in the table), and all user accounts are part of the user group (denoted as "Registered accounts" in the table). Except for the autoconfirmed pseudo-group, which all users who have passed the age and activity requirements are in, only those groups are automatically granted. Autoconfirmed status for an account requires at least 4 days of age and at least 50 edits (90 days and 100 edits if editing through a Tor node; the abuse filter can revoke and/or delay automatic granting of this right, but no filters are currently configured to do so). The confirmed user right can be manually assigned by administrators to accounts which don't meet this requirement, which provides equivalent permissions. Extra permissions like administrator access can only be assigned to registered user accounts.

User groups

Automatically granted

Unregistered users

Denoted by '*' in the software configuration settings, this includes any user on Wikidata. They may create and edit most pages (if not protected or in the MediaWiki: (interface) namespace). Unregistered users are identified by their IP addresses when making edits. Any unregistered user, if not blocked from doing so, may create an account for themselves at Special:CreateAccount. They are limited to 8 edits per minute and must answer a CAPTCHA prompt when adding new external links.

New users

Any logged-in user may maintain a watchlist at Special:Watchlist, and may email any other user (unless blocked from doing so) by using Special:EmailUser. While they no longer have the editing rate limit, they must still answer a CAPTCHA prompt when adding new external links until they become autoconfirmed or confirmed.

Autoconfirmed users

An account with at least 4 days of age and at least 50 edits (90 days and 100 edits for editors from Tor nodes; abuse filter can potentially delay or revert automatic promotion) is said to be autoconfirmed. Any user account which does not meet these requirements can be granted the confirmed permission and receive the same permissions. Autoconfirmed users no longer need to respond to CAPTCHAs for most actions, can edit semi-protected pages, and can move most pages (except items and properties, which are simply renamed by changing the appropriate labels instead).

Manually assigned


Main page: Wikidata:Administrators

Administrators, also known as sysops, are trusted with tasks such as blocking users, protecting pages (and editing fully-protected pages), and deleting pages. Administrator access is assigned to users who pass a successful request for permissions, by bureaucrats. They can assign rollback, confirmed user, IP block exempt, autopatrolled, and property creator status to other users, and can assign translation administrator and flooder status to themselves (but not other users). They automatically have access to all permissions they can assign (except translation administrator and flooder) - for example, administrators can create properties without assigning themselves the right.


Main page: Wikidata:Bureaucrats

Bureaucrats can add administrator, bureaucrat, bot, flooder and translation administrator status to any user, and remove bot, flooder and translation administrator status (removal of either administrator or bureaucrat status must be done by stewards). They also can rename users. The process for gaining bureaucrat status is similar to administrator status, but the requirements are higher, and generally only existing administrators are successful.

Translation administrators

Main page: Wikidata:Translation administrators

Because Wikidata is a multilingual wiki, it uses the translate extension, and translation administrators are users with access to administrative functions of the extension. Normal administrators may assign the right to themselves without filing a request, but all other users must make a request at Wikidata:Requests for permissions/Translation administrator, and a local bureaucrat will assign the right to those who provide a good reason.


Main page: Wikidata:Bots

Bots are automated and/or semi-automated accounts that perform repetitive, generally-simple, tasks that humans would find tedious to perform. Such accounts are given the bot flag by a bureaucrat, after a successful request at Wikidata:Requests for permissions/Bot. They may make edits at very fast rates, and are hidden from recent changes and watchlists.


Main page: Wikidata:Flooders

The flood flag is intended for repetitive actions performed by human users. Like the bot flag, the flood flag hides edits and log actions from Special:RecentChanges and watchlists. Administrators can add the flag to their own account if necessary; other users can be granted the flag by a bureaucrat per request at Wikidata:Bureaucrats' noticeboard. The flood flag is not a permanent user right, so every flooder can remove the flag themselves when the respective actions are done.

Subsets of administrator access

The following groups give rights to users that administrators already have. All can be assigned or removed by administrators and requested at Wikidata:Requests for permissions. They do not require election, but administrators are expected to use their judgement when assigning them.

Main page: Wikidata:Autopatrollers

This right has been deprecated. An autopatrolled user's edits are automatically marked as "patrolled", and autopatrolled users can patrol edits of users who are not autopatrolled by marking them as "patrolled". The right was generally granted to users whose edits are clearly not problematic. After the removal of this group, all autoconfirmed and manually confirmed users have their edits automatically marked as "patrolled".

Main page: Wikidata:Rollbackers

Rollback is a simple tool that can allow fast reverting of vandalism or other obvious abuse. When the "rollback" link is clicked, the latest edit to the page is reverted with an automatic edit summary, currently "Reverted edits by <reverted user> to last version by <user whose edit was reverted to>". In addition, if the second-latest edit was also made by the same user as the latest, that edit is also reverted. All edits are reverted to the latest version by a user other than the user who was reverted. Rollback is generally assigned to those who demonstrate active vandalism and spam combating on Wikidata.

Global rollbackers
Main page: meta:Global rollback

Global rollback is a global group assigned by stewards. Members of this group have access to rollback on all Wikimedia wikis and may use that access on Wikidata. In addition to local rollback, global rollbackers are automatically granted autoconfirmed and autopatrolled access (except the ability to patrol others' edits), and can suppress redirects when moving pages.

Confirmed user
Main page: Wikidata:Confirmed users

This group gives the same rights as autoconfirmed users to trusted users who don't meet the requirement for automatic promotion.

IP block exempt
Main page: Wikidata:IP block exemptions

If an IP address is blocked with the option to not allow logged-in users to edit, this permission allows editing from such IP addresses. It is granted only to those who need it and can be trusted not to abuse it, and CheckUser may be used to verify that need.

Property creators
Main page: Wikidata:Property creators

New properties can only be created by users in this group or administrators, as properties should be discussed before being used. This user right is unique to Wikidata with no parallel on other Wikimedia wikis.

Account creators
Main page: Wikidata:Account creators

The account creator user right grants access to a tool which permits trusted Wikidata contributors to make a large number of accounts for other people who request them.

Functionary permissions

These permissions, due to their potential privacy implications, require all members of their respective groups to be at least 18 years of age, of age of majority in their resident country, and identified to the Wikimedia Foundation. Exemptions may only be granted by the Executive Director of Wikimedia Foundation pursuant to relevant policy. Functionary permissions (including access for new stewards) can only be assigned by existing stewards.

Main page: meta:Stewards

Stewards have access to MediaWiki interface on all Wikimedia wikis, and unlike administrator and bureaucrat status, is a global permission that is elected annually. Stewards serve 1-year terms before they must be reconfirmed. They can change any and all user rights, and serve as members of groups a particular wiki does not have.

Main page: Wikidata:CheckUser

The term CheckUser refers both to a member of this group of users and the tool they have access to. CheckUser allows members of this group to examine the IP address data of logged-in users, which is otherwise private information. Its primary purpose is to investigate sock puppetry. CheckUser access, like Oversight access, is granted after at least 25 support votes and at least 80% support after at least 2 weeks of discussion.

Main page: Wikidata:Oversight

The term oversight refers to the name of the extension that was originally used for this purpose until it was replaced by RevisionDelete. Administrators can also apply RevisionDelete to particular edits or log actions, but oversighters can also hide the information from even administrators. It is done to hide either otherwise-private information or libelous information that even administrators should not have access to. Oversight access is approved after 2 weeks of discussion and at least 25 supporting votes at a request for access. On Wikidata, only existing administrators can become oversighters.

Main page: meta:Ombudsman commission

The ombudsman are a global group that investigates complaints about privacy-related misuse of CheckUser and Oversight. They have global CheckUser access and global access to oversight logs (but not the actual ability to perform oversight actions), but do not normally use this access except for their duties of investigating complaints about the use of CheckUser and Oversight. They are appointed by Wikimedia Foundation officers for terms of approximately a year.


This table excludes the staff and sysadmin global groups, since they are for the use of Wikimedia Foundation staff only, and excludes the unused local groups account creators, importers, and transwiki importers.

Granted Inherited Denied Revoked Depends Limited

Allows user(s) to… Blocked users Unregistered
Registered accounts Auto-confirmed
and Confirmed
Bots Administrators Bureaucrats[note 1] Other groups
(all groups with links to Meta are global)
abusefilter-log view the abuse log               steward, Abuse_filter_helper (global group without policy page)
abusefilter-log-detail view detailed abuse log entries               steward, global rollbacker, Abuse_filter_helper (global group without policy page)
abusefilter-log-private view all details for abuse log entries of private filters. All users with abusefilter-modify inherit this.               steward, Abuse_filter_helper (global group without policy page)
abusefilter-modify modify abuse filters               steward
abusefilter-modify-restricted modify abuse filters with restricted actions               steward
abusefilter-view view abuse filters               steward, Abuse_filter_helper (global group without policy page)
abusefilter-view-private view abuse filters marked as private               steward, Abuse_filter_helper (global group without policy page)
abusefilter-revert revert all changes by a given filter               steward
apihighlimits request API queries in batches of 5000 rather than 500               steward, API_High_Limits_Requestors (global group without policy page)
autoconfirmed edit semi-protected pages               steward, global rollbacker, interface editor
autopatrol have one's edits automatically patrolled               steward, global rollbacker, autopatroller
bigdelete delete pages with over 5000 revisions               steward
block block and unblock IP addresses, IP address ranges, and accounts from editing               steward
bot be treated as an automated process               flooder
checkuser examine private IP address information of users (see above)               checkuser[note 2], ombudsman
checkuser-log view the log of CheckUser actions               checkuser[note 2], ombudsman
createaccount create a new user account (for themselves or someone else)                
createpage create pages                
createtalk create talk pages                
delete delete pages with 5000 or less revisions (bigdelete is also required for pages with more than that)               steward
deletedhistory view the deleted history of a page and a list of a user's deleted edits               steward, ombudsman
deletedtext view the text of a deleted edit               steward, ombudsman
edit edit any existing page that is not protected and not in the MediaWiki namespace               steward, interface editor
(no technical name) edit own talk page                
editusercssjs[note 3] edit the personal (userspace) CSS and Javascript files of another user               steward, interface editor
import import pages from another wiki               steward
importupload import pages to the wiki from an XML dump               steward[note 4]
ipblockexempt edit from an IP address under a hard block (a block that would otherwise not permit registered users to edit)               steward, IP block exemptions
item-create create items                
item-override override items                
markbotedits mark rollback edits as bot edits by adding &bot=1; the edits are hidden from Special:RecentChanges and watchlists like normal bot edits               steward, global rollbacker
move move pages to new titles (this operation is only supported for non-property and non-item pages)               steward, global rollbacker
movefile move files to new titles (this is only included in the table for the sake of completeness, as uploads are disabled on Wikidata)               steward
move-rootuserpages move root (non-subpage) userpages.               steward
move-subpages move all the subpages of a page while moving it               steward
nominornewtalk minor edits by a user with this right to another user's talk page do not trigger a "You have new messages" for the user whose talk page was edited              
noratelimit not be affected by rate limits               steward, global rollbacker
override-antispoof not get affected by the AntiSpoof extension, which blocks the creation of usernames with mixed-script, confusing, or impersonating usernames, but sometimes produces false positives.               steward
oversight view a revision previously hidden with the Oversight extension. This is only included for completeness, since Wikidata is newer than RevisionDelete and all oversight actions on Wikidata are performed using the new RevisionDelete system.               steward, oversighter
pagetranslation mark revisions of a page for translation               translation administrator
patrol patrol unpatrolled edits (those made by users without the autopatrol permission)               steward, autopatroller
property-create create properties               property creator
protect change the protection levels of a page, edit protected pages               steward, interface editor[note 5]
purge purge the site cache by adding &action=purge to URL                
read read pages                
renameuser rename users               steward
reupload overwrite existing unprotected files. This is only included for the sake of completeness, because file uploads on Wikidata are disabled.               steward
reupload-own overwrite existing unprotected files uploaded by self only. This is only included for the sake of completeness, because file uploads on Wikidata are disabled.               steward
reupload-shared upload a file locally, even if it already exists in the shared media repository (in this case, Commons). This is only included for the sake of completeness, because file uploads on Wikidata are disabled.               steward
rollback use the rollback feature to quickly revert a series of edits (see above)               steward, global rollbacker, rollbacker
sendemail use Special:EmailUser. Users must confirm their email address before they can use this feature.                
skipcaptcha perform CAPTCHA-triggering actions without having to answer a CAPTCHA               steward, global rollbacker
suppressredirect have the option of not leaving a redirect behind when moving a page               steward, global rollbacker, interface editor
suppressrevision hide, unhide, and view revisions hidden from administrators.               steward, oversighter
suppressionlog view the log of oversight actions               steward, ombudsman, oversighter
tboverride override the title blacklist               steward, interface editor
translate edit using the translate interface                
translate-groupreview change workflow state of message groups                
translate-manage manage message groups               translation administrator
translate-review review translations                
undelete undelete (restore) deleted pages               steward
unwatchedpages view Special:UnwatchedPages, which lists pages which are not on anyone's watchlist               steward
upload upload files. This is only included for the sake of completeness, as uploads are disabled on Wikidata.               steward
userrights change the user rights of a user     - flooder (for self only) - flooder (for self only) - flooder (for self only) +/- rollbacker
+/- IP block exempt
+/- autopatroller
+/- property creator
+/- confirmed
+/- translation administrator (for self only)
+/- flooder (for self only)
+ administrator
+ bureaucrat
+/- translation administrator (for any user)
+/- bot
+/- flooder (for any user)
+/- any
writeapi use of the write API                

Allows user(s) to… Blocked users Unregistered
Registered accounts Auto-confirmed
and Confirmed
Bots Administrators Bureaucrats[note 1] Other groups
(all groups with links to Meta are global)


  1. 1.0 1.1 Most if not all bureaucrats are also administrators, and so have the permissions of administrators too.
  2. 2.0 2.1 Stewards fulfill this role by temporarily assigning themselves to the checkuser group and then removing it when they are done.
  3. Local administrators are not assigned this particular permission, but are assigned both editusercss and edituserjs, which provides equivalent functionality.
  4. The local import group might sometimes be used for this purpose, and it has import and importupload. However, currently it can only be assigned by stewards, and it is not in use. Wikidata currently does not have policy on this group, so it is considered to be unused.
  5. Interface editors normally do not change the protection levels of a page, and only use their access to edit protected pages.