| Announced on | Rollout starts | Rollout ends |
| February 4, 2026 | February 4, 2026 | February 9, 2026 |
For customers on Enterprise and Enterprise Plus plans, Zendesk is adding additional granular permissions in custom roles.
This announcement includes the following topics:
What's changing?
Zendesk is extending permissions for viewing access and audit logs beyond the admin role to include custom roles. Previously, only admin users could audit system activity by accessing these logs.
With this change, admins can enable or disable these permissions on custom roles to control which agents can view logs without requiring full admin rights.
If you manage custom roles, you can now assign the following new permissions under Security and privacy:
- View audit logs (available on all plans)
- View access logs (requires the Advanced Data Privacy and Protection (ADPP) add-on)
Why is Zendesk making this change?
Currently, granting full admin privileges to users who only need to review audit or access logs creates organizational risks such as over-permissioning, accidental changes, and exposure to sensitive settings.
This change empowers organizations to adhere to the principle of least privilege by creating specialized roles for audit, compliance, or security teams that have exactly the permissions necessary—no more and no less. This improves security, governance, and reduces the number of full admins required within your account.
What do I need to do?
Review your current admin assignments and consider migrating audit and access log viewers to custom roles with these new targeted permissions to reduce over-permissioning and enhance security.
For more information on custom roles and permissions, see Creating custom roles and assigning agents.
If you have feedback or questions related to this announcement, visit our community forum where we collect and manage customer product feedback. For general assistance with your Zendesk products, contact Zendesk Customer Support.