all plans

You can configure your Zendesk Support instance to be open, closed, or restricted (see Configuring end-user access and sign-in).

This article describes how to set up a closed instance, so that your Help Center is visible to everyone but only the users that you add to your Zendesk account can sign in and submit support requests. Each user's account must be created before they can sign-in and submit support requests.

Closed Zendesk Support, by default, has the following access rules:

Your Help Center is visible to all visitors, whether they are signed in or not.
Only verified users you have added to your Zendesk account can submit support requests through the Help Center. Unverified users that have been added to the account can verify themselves by going to the Help Center and requesting a password.
Both verified and unverified users you have added to your Zendesk account can submit support requests via email to your Zendesk Support address.
If you have a knowledge base, access is determined by the rules applied to it, as described in Restricting access to knowledge base content.

This article contains the following sections:

Disabling the 'Anyone can submit tickets' option
Adding users to the closed Zendesk Support
About new user email address verification and passwords
Restricting your content to signed-in users only

Disabling the 'Anyone can submit tickets' option

In a closed Zendesk you disable the option to allow everyone, even visitors who are not signed in, to submit tickets. This means that you have complete control over who uses Zendesk Support. Typically, you'll set up Zendesk Support in this way by adding all your users yourself. Although, there is a way for an anonymous user (someone not already added to Zendesk Support) to still submit support requests and have your agents approve of the request, add the user to Zendesk Support, and add the support request as a ticket to your queue (see When anonymous users submit support requests).

To disable the 'Anyone can submit tickets' option

Click the Admin icon () in the sidebar, then select Settings > Customers.
If it's selected, deselect the Anybody can submit tickets option.

Note: Deselecting this option can impact Web Widget functionality (see Using restricted Help Center content with the Web Widget).
Optionally, in the Account emails section, select the Also send a verification email when a new user is created by an agent or administrator option.
This option is explained in more detail in About new user email address verification and passwords below so you can decide if you want to enable it.

Note: If you started using Zendesk on or after August 21, 2013, this option is not available until you enable Guide (see Getting Started with Guide).
Click Save tab.

The settings you've just made removes the Sign Up link from the sign-in window of your Help Center.

This means that users who access Zendesk Support have no option for self registering (signing up and creating an account). This includes your agents as well. You need to add all your users yourself.

If you also restrict all your content to either agents or signed-in users only (see Restricting your content to registered users only below), the only page that visitors see when they access your Help Center is the sign-in page and, if they don't already have a user account in your Zendesk, they are unable to sign in.

Adding users to a closed Zendesk Support

When Zendesk Support is closed, and restricted to only users you add, you need to add the users yourself. Here are the following ways you can add users:

Manually adding users one at a time (see Adding end-users, agents, and administrators)
Adding many users in a bulk import (see Bulk importing users and organizations)
Adding users via the Zendesk API (see Zendesk API: Users)

By default, when you add a user to your Zendesk, they are unregistered (and therefore unverified). At this stage, they can submit support requests via your support email address, but not through the Help Center. When they register themselves, they become verified users of Zendesk Support, and can submit support requests through both the email address and the Help Center.

The following section explains how email verification works and how user passwords are created when adding users.

About new user email address verification and passwords

Since you're adding your users yourself, rather than allowing them to sign themselves up, you need to think about how the verification process happens. This is where the Also send a verification email when a new user is created by an agent or administrator option needs to be considered. If you set this option, all users you add to Zendesk Support receive the User Welcome email message, which prompts them to click a link to verify their email address and then create a password so that they can sign in to your Zendesk. If you want new users to be able to sign in to your Help Center, they each need a password. So by enabling this option you're asking your users to manage email address verification and create passwords themselves.

If you don't want your users to receive the verification email message, you don't set the Also send a verification email when a new user is created by an agent or administrator option. But, if you do that, you have the problem of your users' email addresses not being verified, which means that they can't create passwords and sign in to your Help Center .

Note: Unverified users can still submit support requests to Zendesk Support via email, and these requests are handled in the same way as those submitted by verified users.

When you add your users, you have the following options for email verification and passwords if you elect not to send the User Welcome email.

You can tell your users to send support requests via email using your support email address (for example, support@mycompany.zendesk.com).
Using the Zendesk API, it's possible to both add new users and to also set their passwords. You can automatically verify all your users' email addresses using the API verified parameter. This means that your users will be fully registered and verified. Assuming you also provide them with their passwords, they can immediately sign in to your Help Center. For more information, see Zendesk API: Users.
You can manually verify a user's email address after you've added them to your Zendesk. See Verifying a user's email address in the Zendesk Agent Guide.

When anonymous users submit support requests

Despite your Zendesk Support being closed, it is possible for an agent to create a ticket from a support request from an anonymous user. When you receive a support request from an anonymous user, when you've configured Zendesk Support as closed, the request is added to the Suspended Tickets view. From there an agent can either delete the request or recover it. Recovering the ticket creates a new user account and adds the ticket to your Zendesk. For more information, see Viewing, recovering, and deleting suspended tickets in the Zendesk Agent Guide.

If the Also send a verification email when a new user is created by an agent or administrator option has been selected, the User Welcome email is sent to the user when the suspended ticket is recovered. The user clicks the link to verify their email address, creates a password, and is then signed in to your Help Center where they can use the knowledge base and submit and track requests.

If the Also send a verification email when a new user is created by an agent or administrator option has not been selected, the user remains unverified and can't sign in. The user receives the ticket received notification, and can respond to the notification via email.

Using enterprise single sign-on (SSO)

If you're using JWT or SAML (available on Professional and Enterprise) for user access to Zendesk Support, all user management and authentication happens outside of your Zendesk. Your single sign-on service is synced with Zendesk Support. So, for example, if you add a user account for a new employee, that employee has immediate access to your Zendesk.

When using SSO with a closed Zendesk Support, a few issues may arise. What happens if a user sends an email support request and they're not already a user within the closed Zendesk Support? The user's email support request will be suspended. In other words, if the user doesn't already exist in Zendesk Support, synced to it via your single sign-on service, then the user cannot submit support requests. Only known, legitimate users in your user management system will be able to access the closed Zendesk Support.

You also do not want to select the Also send a verification email when a new user is created by an agent or administrator option because you never want to users to create passwords directly in Zendesk Support. Remember that's all handled outside of your Zendesk.

It's important to remember that social media single sign-on is different. These provide your users with additional ways to sign in to your Zendesk. To use them, your users need to add these social media accounts to their user profiles themselves. You can't do it for them.

Restricting your content to signed-in users only

When you close or restrict Zendesk Support, you also may want to hide all content in your Help Center so that only signed-in users can see it. To do this, you can require that users sign in to access your Help Center (see Restricting Help Center access to signed-in users).

When all your content is restricted to signed-in users, visitors to your Help Center will only see the sign-in page. The users you added to your Zendesk can sign in there and access your content.

7 Comments

Corrin Duque
- October 27, 2016 19:59
Comment actions Permalink
Seems this article is missing the links to referenced information. I was especially hoping to view the link that is missing for "Adding many users in a bulk import":

0
Aimee Spanier
- October 27, 2016 20:13
Comment actions Permalink
Hi, Corrin. I've updated the article, thanks for letting us know about the missing links. Here's our article on bulk importing users:

Bulk importing users and organizations

I hope that's what you're looking for - let me know if you need anything else.

0
Jim Zucker
- September 10, 2018 16:57
Comment actions Permalink
We want to only allowed signed-in users but with that group we want to limit who can submit ticket is there a way to solve that?

0
Yvonne Topete
- February 04, 2019 20:39
Comment actions Permalink
What is the work around for restricting the submit ticket/my activities area of the guide for one particular user? I was told some custom coding could be done for this. Could you point me in the right direction?

0
Nicole - Community Manager
- February 04, 2019 20:53
Comment actions Permalink
Hi Yvonne -

I'm not certain about customizing for a single user, though it may be possible. I would recommend posting your question in the Guide Themes & Customizations Topic in the community. Many of our customization experts follow that topic and may be able to help you determine the code or find the right resources to help you out.

0
Rohan Sherrard
- June 12, 2019 14:02
Comment actions Permalink
Have been struggling to determine a way to handle security in Zendesk and Zendesk Guide.

We don't want everyone to be able to access the guide.
Only verified users should be able to login via the guide.
Anyone can email in a support request to create a ticket.

The product has too tightly coupled the idea of a guide with creating support tickets, probably because the platform is focussed on b2c rather than b2b.

0
Devan La Spisa
- June 19, 2019 15:24
Comment actions Permalink
Hello Rohan,

So the best way to go about accomplishing this would be to require those to access your guide content to require approval from an admin or agent who has permission to approve new users/clients. I've gone ahead and added a guide that will help navigate how to go about setting this up on your end.

Let me know if this helps and if you have any questions and appreciate the inquiry.

0

Please sign in to leave a comment.

Permitting only added users to submit tickets