Interface administrators (interface-admins) are users who can edit all JavaScript (JS), Cascading Style Sheets (CSS), and JavaScript Object Notation (JSON) pages - regardless of their location,[1] and can edit pages that are within the MediaWiki namespace. They are the only local user group with the ability to edit all JS/CSS pages.[2] These pages are executed by the browser of wiki editors and readers as code, which can be used to change how content is styled, change the behavior of pages, or even create complex tools to help with editing.
The ability to edit JS/CSS that is executed in other users' browsers is very powerful, and extremely dangerous in the hands of a malicious user; interface administrators should be users who are highly trusted, have at least a basic understanding of JS and CSS, are aware of the privacy expectations of Wikimedia wikis, and have a decent understanding of how to secure their accounts (such as choosing strong and unique passwords and avoiding malware infection). The WMF Office requires all interface administrators to use two-factor authentication.[3]
Process: The administrator makes a request, with a rationale, at the bureaucrats' noticeboard, to request interface administrator access. The request will remain open for 48 hours for first-time requests. Re-admin requests, not under a cloud, will not have a waiting period. No notice at other noticeboards is required. Bureaucrats may inquire about why the administrator is requesting access at their discretion. All editors may discuss the applicant, but the final decision rests with the reviewing bureaucrat. Bureaucrats may not assign access to themselves.[4]
Duration of right: Permanent by default, can be temporary if requested.[7]
Permission should be removed by bureaucrats in the following circumstances:[7]
Interface administrators who have made no edits or other logged actions for at least 2 months or who have made no edits using the permission for at least 12 months should have the user right removed.
Any bot operator requesting access for their bot(s) must permanently possess the user right themselves.[7] As with regular interface administrator accounts, bot accounts with this permission must have 2FA enabled and use a strong password.
Technical access
There are two general kinds of pages in the MediaWiki namespace: Message pages and site configuration pages.
Interface administrators can edit and delete these pages, and can modify user configuration pages that live in the user space of other editors. Administrators who are not interface administrators can instead edit and delete most message pages (but not all of them).
Administrators and oversighters who are not interface administrators can delete and revision delete (or suppress in the case of oversighters) JS or CSS pages that live in the user space of other editors, as well as view their deleted revisions. However, they cannot restore revisions of those pages. Both regular administrators and interface administrators can modify JSON pages in the MediaWiki namespace or within the user space of other editors.
More information Permission, User ...
Access to code file pages located in the MediaWiki namespace and in the user space of other editors
Any administrator can edit other pages in the MediaWiki namespace and all JSON pages, and all registered users may edit their own personal JS/CSS/JSON pages as used by Wikipedia:User scripts.
m:Interface administrators: "For legal and security reasons, the Wikimedia Foundation has decided that Two factor authentication is required for this role on all projects".
{{User interface admin since}}, a userbox to indicate having interface administrator permission with period of time
{{Interface administrator topicon}} – a top icon template to indicate you have the Interface administrator user right – adds a category to page automatically