|This page documents a procedural policy of Wikipedia.|
|This page in a nutshell: Interface administrators are highly trusted users able to edit all CSS/JS/JSON pages, gadgets, and MediaWiki messages.|
The ability to edit CSS/JS that is executed in other users' browsers is very powerful and extremely dangerous in the hands of a malicious user; interface administrators should be users who are highly trusted, have at least a basic understanding of CSS and JS, are aware of the privacy expectations of Wikimedia wikis, and have a decent understanding of how to secure their accounts (such as choosing strong and unique passwords and avoiding malware infection). The WMF Office requires all interface administrators to use two-factor authentication.
There are currently 12 interface administrators (including one interface-admin bot). If you need assistance from an interface administrator, you can make a request at the Interface administrators' noticeboard. Note there is a similiar global group, who may use their access subject to the global rights policy.
Process for requesting
- Venue: Wikipedia:Bureaucrats' noticeboard
- Process: Admin makes a request, with a rationale, at the bureaucrats’ noticeboard, to request interface administrator access. The request will remain open for 48 hours for first-time requests. Re-admin requests, not under a cloud, will not have a waiting period. No notice at other noticeboards is required. Bureaucrats may inquire about why admins are requesting access at their discretion. Editors may discuss the applicant, but the final decision rests with the reviewing bureaucrat. Bureaucrats may not assign access to themselves.
- Duration of right: Permanent by default, can be temporary if requested.
Removal of permissions
Permission should be removed by bureaucrats in the following circumstances:
- Interface administrators who have made no edits or other logged actions for at least 2 months or who have made no edits using the permission for at least 6 months should have the user right removed.
- Voluntary request by the interface administrator at the bureaucrats' noticeboard.
- After misuse of the access by consensus (e.g. at Wikipedia:Administrators' noticeboard).
- Upon removal of administrator access, for any reason.
- By request of the Arbitration Committee.
Any bot operator requesting access for their bot(s) must permanently possess the user right themselves.
All bot operators are required to enable 2FA for their bot accounts and create a strong account password, and are strongly urged to use OAuth for maximum security. Bureaucrats and BAG members may ask bot operators to enforce these security measures at their discretion.
Interface administrators have full abilities with all CSS and JS pages that are located in the MediaWiki namespace or within the user space of other editors; administrators who are not interface administrators have the ability to view and delete those pages only. They also cannot view the deleted history of CSS or JS pages in those areas (even if they were the user who deleted it), nor can they restore any deleted revisions of those pages. Both regular administrators and interface administrators have full abilities with JSON pages in the MediaWiki namespace or within the user space of other editors.
|View deleted history||No||No||Yes|
- Sitewide pages, such as MediaWiki:Common.js or MediaWiki:Vector.css, or the gadget pages listed on Special:Gadgets, and other user's subpages
- Any administrator can edit other pages in the MediaWiki namespace and all JSON pages, and all registered users may edit their own personal js/css/json pages as used by Wikipedia:User scripts.
- WMF 2FA requirement as published on metawiki.
- Limited to administrators in this September 2018 RfC
- Limited to administrators in this October 2018 RfC
- This process was approved in this RfC.