User Permissions
Real ID for WooCommerce limits who can open the ID Checks admin pages based on the user's WordPress capabilities. By default, two built-in roles can manage the plugin:
- Administrator — full WordPress administrative access
- Shop Manager — the standard WooCommerce role for store staff
If you need someone else to manage Real ID, grant them either role (or one of the capabilities listed below), and they'll be able to open the plugin without any further configuration.
Capabilities That Grant Access
A user can open Real ID if they have any of the following WordPress capabilities:
| Capability | Granted to by default | When to use it |
|---|---|---|
manage_options | Administrators | Already covered — no action needed for site administrators |
manage_woocommerce | Administrators, Shop Managers | Already covered — no action needed for store staff using the standard WooCommerce role |
manage_real_id | No one by default | Use this when you want to grant Real ID access to a custom role without also giving them broader WordPress or WooCommerce permissions |
Holding any one of these capabilities grants the user access to the ID Checks menu, the New ID check screen, and the plugin Settings — including triggers, rules, branding, email setup, and license management.
Choosing Between Administrator and Shop Manager
For most stores, a Shop Manager is the right role for staff who handle orders, checks, and customers day-to-day. Reserve the Administrator role for users who also need to install plugins, change WordPress settings, or manage other users.
| If the user needs to… | Grant role |
|---|---|
| Review ID checks, manage triggers, update Real ID settings | Shop Manager |
| All of the above plus install/update plugins or change WordPress config | Administrator |
Granting Access to a Custom Role
If you've created a custom role (for example, a "Verification Reviewer" or "Compliance Staff" role) and want it to manage Real ID without granting broader WooCommerce or WordPress access, give the role the manage_real_id capability.
The easiest way is with a role-management plugin such as User Role Editor or Members:
- Open the role-management plugin
- Select the custom role
- Add the
manage_real_idcapability - Save
You can also do this in code by adding to your theme's functions.php or a small custom plugin:
add_action('init', function () {
$role = get_role('your_custom_role');
if ($role) {
$role->add_cap('manage_real_id');
}
});
manage_real_id for custom rolesGranting manage_options would give the user access to every WordPress setting on the site, and manage_woocommerce would expose all WooCommerce admin features. manage_real_id is scoped specifically to the Real ID plugin, so it's the right choice when you want to limit a custom role's access to ID verification only.
Verifying a User Has Access
To confirm a user can access Real ID:
- Log in to WordPress as that user (or use a tool like User Switching)
- Look for the ID Checks item in the left-hand admin menu
- Click into it and confirm the plugin loads without a "You do not have sufficient permissions" message
If the menu item is missing, the user does not currently have any of the three capabilities. Re-check their assigned role or capabilities and try again.
A Note on Access Scope
Any user who can open Real ID can perform every action inside it — including changing settings, approving or rejecting checks, deleting check data, and managing the license. There are no per-feature sub-permissions today, so only grant access to users you trust with all of those actions.