Limiting access of a custom plugin to admin users only

System Information
  • Strapi Version: 4.4.7
  • Operating System: macOS
  • Database: mySQL
  • Node Version: 16
  • NPM Version: 8.6
  • Yarn Version:

I have created a custom plugin which I want to be accessible for the Admin users only and not everyone. How can this be done?

Any help is appreciated, thanks.

You can add permissions to plugins what would only allow for users with that specific permission to see it

in server/bootstrap.js

module.exports = async ({ strapi }) => {
  const actions = [
      section: 'plugins',
      displayName: 'Read',
      uid: 'read',
      pluginName: 'protected-populate',


then in your admin you would need to add the following 3 things


const pluginPermissions = {
  main: [{ action: '', subject: null }],
export default pluginPermissions;


import React from 'react';
import { Switch, Route } from 'react-router-dom';
import { NotFound, CheckPagePermissions } from '@strapi/helper-plugin';
import pluginId from '../../pluginId';
import pluginPermissions from '../../permissions';
import HomePage from '../HomePage';

const App = () => {
  return (
    <CheckPagePermissions permissions={pluginPermissions.main}>
        <Route path={`/plugins/${pluginId}`} component={HomePage} exact />
        <Route component={NotFound} />

export default App;

and in admin/src/index.js where you register your app to the menu

export default {
  register(app) {
      to: `/plugins/${pluginId}`,
      icon: PluginIcon,
      intlLabel: {
        id: `${pluginId}.plugin.displayName`,
        defaultMessage: name,
      permissions: pluginPermissions.main,
      Component: async () => {
        const component = await import(/* webpackChunkName: "[request]" */ './pages/App');

        return component;
      id: pluginId,
      initializer: Initializer,
      isReady: false,

only thing you should care about is the permissions section

1 Like

Thanks for the detailed answer, I tried to replicate the same with my plugin, but it is not accessible by the super-admin either.
Is there anything wrong that I am doing?

can’t answer that witout seeing the code\

my bad, did some silly mistake in the bootstrap.js file. Able to restrict the plugin access to super-admins only.
Can i also, provide access of the plugin to other set of users as well (like authors or editors)?

Also, thanks a lot for your answer, really saved my day!

Hey bro, i have the same problem, how did you do?

Can you paste the code?