WordPress role management: the free AIFORYA extension
Manage WordPress roles and capabilities: capability editor, expiring temporary access, audit log. Free extension, no API key.

Take precise control of the roles and permissions of your WordPress site.
AIFORYA Role Management gives you fine-grained control over WordPress roles and capabilities: grant or revoke each permission, create custom roles, grant time-limited access and keep track of every change. The core of the extension runs locally, with no API key, no account — and free, with no time limit.
- Free and complete: published on WordPress.org, no restricted features.
- Local by design: the capability editor, templates, temporary access and audit log make no network calls.
- Safe by default: impossible to accidentally lock yourself out of your own administrator access.
Why manage roles precisely?
On a site with many hands — writers, contractors, shop, community — the default WordPress role is often either too permissive (a writer who can install plugins) or too restrictive (a partner blocked from a simple task). Adjusting permissions to just the right level reduces the risk of mistakes and security holes.
The problem is that most existing solutions are either paid, complex, or risky: one wrong move and you are locked out of your own admin. AIFORYA Role Management was designed to offer precise control without that risk, with built-in safeguards.
What the extension does
- Capability editor — grant or revoke each capability precisely (publish posts, manage plugins, moderate comments…) for any role, via a checkbox matrix. Create, rename, duplicate or delete custom roles without writing a single line of code.
- Reusable role templates — save a validated set of capabilities and reapply it in one click to other roles, to reproduce a consistent configuration or start over from a clean base.
- Temporary access with automatic expiration — assign a role for a limited period; when it expires, the extension automatically restores the previous roles (WP-Cron). Manual revocation is possible at any time.
- Permissions audit log — every change (capability changed, role created or deleted, temporary access granted or expired) is recorded with its date, its author and its details. You always know who changed what and when.
- Security safeguards — the Administrator role always keeps option management and site reading; the default WordPress roles cannot be deleted; users of a deleted role are reassigned to a fallback role.
How it does better than competing free extensions
| AIFORYA Role Management | Common free extensions | |
|---|---|---|
| Expiring temporary access | Included, automatic WP-Cron restoration | Rare or paid only |
| Permissions audit log | Included (who, what, when) | Often missing or paid |
| Reusable role templates | Included | Rarely offered |
| Anti-lockout safeguards | Built in by design | Varies by extension |
| API key / account | None (100% local core) | Sometimes required |
Installation in 2 minutes
- Download the extension shown here (or install it from WordPress.org).
- Activate it from the Plugins menu.
- Open the AIFORYA Role Management menu, adjust capabilities in the Roles tab, save your configurations in Templates and grant limited access in Temporary access.
That's it: your roles are under control, and every change is tracked in the Log.
Questions fréquentes
Historique des mises à jour
- v1.0.0
Initial release: per-role capability editor, reusable role templates, temporary access with automatic expiration, and a permissions audit log.
Une question ? Contactez-nous.