Sitecore Security: Roles in Roles – What it is and how it works

The Sitecore Roles-In-Roles is an extension to the basic authorization that have been around ever since Sitecore 5.


Roles-In-Roles allows you to have nested roles, so when you add a role to a user, the user is granted that role, including all the nested roles.


The roles in Sitecore does not only grant access to content, but also to functions, such as publishing, account managing, translating etc. In an attempt to simplify the process of granting authors access to content AND functions, the idea of embedding function roles into one access role was born.
So with roles-in-roles you can create a super-role that grants access to content and functions at the same time.


In the sitecore.config you will  find the rolesInRolesManager configuration setting that points to the database where the rolesinroles table is defined.

<rolesInRolesManager defaultProvider="sql" enabled="true">
    <clear />
    <add name="sql" type="Sitecore.Security.Accounts.SqlServerRolesInRolesProvider, Sitecore.Kernel" connectionStringName="core" rolesInRolesSupported="true" globalRolesConfigStoreName="globalRoles" raiseEvents="true" />


Look at the “Developer” roles in the Roles Manager:

Roles Manager

Roles Manager

If you click the “Member Of” button you will see all the roles that is embedded into the “Developer” roles:

Roles Manager - Member Of

Roles Manager – Member Of

That means that when my user is granted the “Developer” role:

User Manager - Select Roles

User Manager – Select Roles

The user will automatically be granted the “Developer” roles, plus any embedded roles within the “Developer” role. Also, if any roles inside the “Developer” role has embedded roles, these roles are also included.

User Manager - Roles

User Manager – Roles


About briancaos

Developer at Pentia A/S since 2003. Have developed Web Applications using Sitecore Since Sitecore 4.1.
This entry was posted in Sitecore 5, Sitecore 6, Sitecore 7, Sitecore 8, Sitecore 9 and tagged , , , , . Bookmark the permalink.

1 Response to Sitecore Security: Roles in Roles – What it is and how it works

  1. Pingback: Sitecore check access and roles programatically | Brian Pedersen's Sitecore and .NET Blog

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.