Configuring end-user access and sign-in

Have more questions? Submit a request

56 Comments

  • Carlos
    Comment actions Permalink

    Hello I'm reading the article and the comments but I'm not sure if I'm understanding well or even if it's possible what I'd like to get.

    The point is I'd like the users who register in our App can log in Zendesk Guide with same email and password without need register again on Zendesk guide. I think the next picture explain better the situation. So, is that possible with SSO Zendesk solution? If so, then how to do it? Thank you so much.

    0
  • Jessie Schutz
    Comment actions Permalink

    Hi Carlos! 

    This should be possible using one of the SSO options in Zendesk. You can check out the details on that here.

    0
  • Irene
    Comment actions Permalink

    Currently I'm setting up Zendesk. I noticed with the ticket links that customers may also see tickets online. I wanted to try out this feature, but I'm really not clear on how I can test it. I tried logging in as a customer but access was restricted. I think it is because I don't have Guide set up (we've bought Zendesk this year). But this is where it gets a bit complicated. Do I need to pay extra for Guide if I'm on a Support plan? Why do I have to sign for an extra Agreement for Guide and what is the consequence of signing this? I do not need an knowledge base etc., as we have this featured on our own organisation website already. I just want to test what logging in to a ticket portal looks like to a customer, which restriction I can set and how this works, and whether this is a handy feature for us. So my question is do I need to setup Guide for this, does this mean our subscription fee will increase? It seems really complicated to setup Zendesk and it takes a lot of time to get through all the help pages, the information is a bit fragmented, it would be good if there was a good manual(s) and guides with a lot of examples (if you change or setup feature x, your output looks like y). Regards

    0
  • Justin Smith
    Comment actions Permalink

    Hello Irene,

    Thanks for the questions! 

    The nice thing about the Zendesk suite of features is that you can pick and choose which options fit your organization best.  Guide for example has different plan levels that you can choose; ranging from a higher priced Enterprise plan with lots of customization options to the Lite plan which is completely free, but is also a bit more feature-limited.  

    The customer facing portion of the Zendesk account is run off of Guide, so if your goal is to test out what it's like for your customers to login to their portion of the customer facing portal, you will need to pick one of the Guide plans.  As it sounds like your business already has your own website and isn't in need of a Knowledge base, I would recommend the free Guide Lite plan, as that is free to use.  Once you pick your plan level you'll just need to activate the Guide page from within the Settings and you'll be free to access it just like a customer would.  

    Here is a link to our Guide Resources page that has a lot of really good material that can help give you some direction in the setup process, so check that over and feel free to reach out again if you have any other questions!

    0
  • Heather
    Comment actions Permalink

    Hi There!

    My company is currently working on a Zendesk site that will (sort-term) ONLY be used for the Knowledge Base feature (documentation repository.)  Most of the information on the access and authentication configurations seems geared towards how it affects when/how/by whom support tickets can be submitted, but I was wondering how these configurations play out when only the documentation repository is being utilized and there is no support ticket workflow being used.  Are there any recommended best practices for how to set up a Zendesk site with the caveats that:

    • No support ticket workflow is being used, only documentation repository
    • Both internal and external users can access the site, but the general public should not be allowed access.

    Any tips/recommendations on access set up based on these requirements would be greatly appreciated!

    0
  • congotim
    Comment actions Permalink

    Hi there. We are working on getting Zendesk setup for our end users. We'd like them to use the Microsoft login which works beautifully, but we are worried that many users will be confused by the MS and Zendesk login setup. Is there a way to hide the Zendesk login so that the only option is to login with MS credentials?

    0
  • Nick Malone
    Comment actions Permalink

    Hello Congotim,

    Unfortunately, there is no way to hide Zendesk login and only display Microsoft login for End-Users. While this is possible for Agents, for End-Users, Microsoft login is considered an extension of Zendesk login rather than something stand-alone.

    0
  • Saurabh Sinha
    Comment actions Permalink

    Hi,

    We have recently set up Guide for our users. I was wondering if there was a way to provide end-user specific information on the guide. For example, if a customer signs in, I could show them a page called "Where is my order?" where the last 5 orders from this customer and their current status are shown.

    0
  • Nicole - Community Manager
    Comment actions Permalink

    Hi Saurabh -

    It may be possible to accomplish this with some custom code, but that kind of functionality is not native to the platform.

    You might want to post your question in the Guide Themes & Customizations topic in the community to see if anyone can help you out with the code that would be necessary.

    0
  • Brian Likosar
    Comment actions Permalink

    Where you mention "2-factor authentication can be turned on by agents and administrators on an individual basis", did you mean to say "2-factor authentication can be turned on for agents and administrators on an individual basis." ?

    1
  • Jessie Schutz
    Comment actions Permalink

    Hey Brian! I'm not sure whether that's the wording that was intended, so I'm going to check with our Docs team and see what I can find out! Thanks for the heads-up!

    0
  • Rob Stack
    Comment actions Permalink

    Hi Brian, thanks for this great catch! You are indeed correct that it should read "for", and I've made that change. We appreciate your help!

    0
  • Harry Klein
    Comment actions Permalink

    Hi Zendesk,

    I want to limit access to customer support to designated people. For example, one customer may be allowed to have only one contact, another two, and another three. It's clear how that use case works (create accounts for them). What happens when someone sends a support request who doesn't have an account? Can we control that message? Can we use triggers to direct them to the person within their organization who can request support?

    Thanks,

    Harry

    0
  • Kyle Jones
    Comment actions Permalink

    Hey there Harry,

     

    This is definitely a good question and I don't believe there's a native way to restrict user access to submitting tickets on a number basis, sadly. However, I'm thinking this is something you can set up triggers for, but this would require a lot of work and I don't think it's something we can go over while within a community post, but I would be happy to try to flesh this out with you within a ticket! (I will be creating a ticket for you after this reply.

    If a user submits a support request, but you have "Anyone can submit tickets" turned off, they will receive nothing. However, this will create a suspended ticket that alerts you to the request being made, but it does not create a ticket. See more about this here ( https://support.zendesk.com/hc/en-us/articles/203663746 )

    Since nothing is received it cannot be controlled, but if you were setting this up via triggers you may be able to send out a response for these specific people. (We would need to clearly define your workflow before we can work this out.)

    This is equally something I think we should discuss in a ticket since it's with the general workflow of creating a trigger for these users.

    Thank you!

    0
  • Chris
    Comment actions Permalink

    I'm curious how Zendesk manages the following use-case.

    We have organization set up based on email domain --- say Bob@XYZco.com --- he's an employee of XYZco.

     

    When the user signs up (or sends an email) -- they can verify their account/ verify access to the email.

    What happens when Bob leavex XYZco and is no longer an employee, nor can access his email? Does his "online sign-in" still work?

    Or is there a way for Bob to still access and respond to tickets through his long-gone corporate email (potentially) via the web (not an actual email client)?

    I'm not actually asking about our own Zendesk environment (we don't enable logins/ passwords) --- but a partner we submit tickets to that appears to have this hole that allows former-employee access.

    0
  • Brett - Community Manager
    Comment actions Permalink

    Hey Chris,

    That would depend on the Zendesk environment. If the user no longer has access to the company email then they would not be able to reply back to tickets via email. However, if the Zendesk account allows users to access their tickets from the My Activities page they would still be able to log into the Help Center with their email address and password they've set up. That being said, if they forgot their password they would not be able to trigger a password reset email since they no longer have access to that email address.

    It would be up to the Admins who manage the Zendesk account on how they would address this. They could suspend that users profile so they can no longer sign in as well as delete the profile from the Support account. For more information on suspending users you can take a look at our Suspending a user article.

    Let me know if you have any other questions for me.

    0
  • Justin
    Comment actions Permalink

    We love the social SSO options, but if someone is on a community page > sign up > confirms via email > enters password selection > they are then redirected to our help center home page. Is there a way to send them BACK to the community page they were originally on?

    0
  • Brett - Community Manager
    Comment actions Permalink

    Hey Justin,

    I double checked internally and it looks like the Social SSO option is not configurable. The only way to choose the landing page for your users is through SAML which by default will navigate the user back to the original page they were viewing before logging in.

    Let me know if you have any other questions :)

    0
  • Damian Wallace
    Comment actions Permalink

    Is there any way to require registration on one brand, but not another.  Our use case is that we have a retail offering that we want anyone to be able to open a ticket, and an enterprise solution that we issue logins to the admin.  Each has different business rules, SLAs, etc.  It seems like multi brand option doesn't seem to support this?

    0
  • Brett - Community Manager
    Comment actions Permalink

    Hey Damian,

    There wouldn't be a way to accomplish this using multi-brand since user authentication/registration is tied to the account as a whole and not by brand. You can still set up business rules, SLA's, etc. for these admins within one Support account if needed. You just can't require registration from one set of users vs. another.

    The easiest solution here would be to tag the admins profile so any time they submit a ticket that tag is then applied to the ticket. You can then set up your SLA's/Triggers/Automations to only apply to tickets that contain that tag.

    Additionally, you can also limit who can view specific Help Center content using User Segments. This will allow for you to share come articles with these admins that are not available to normal end-users.

    Let me know if you need any additional clarification or if you have any other questions!

    0
  • Info Email
    Comment actions Permalink

    hi Zendesk team,

    i want to pass the users credentials using the API so that the following will happen:

    • When initiating chat, you no longer need to enter email and name

    • When submitting a ticket, you no longer have to enter your email

    • When submitting a ticket, you no longer need to Captcha

    • You’re now able to view your ticket history in the Help Center

    can i do it ?

    if yes, how?

     

    thanks!

     

    0
  • Devan - Community Manager
    Comment actions Permalink

    Hello,

    So the best way to go about bypassing the parameters you listed above would be to create a Single Sign-on through your server. I've gone ahead and linked an article that should help you in setting this up on your end. If there is anything else we can help with please do not hesitate to ask and have a great day.

    0
  • n j
    Comment actions Permalink

    Hi Team,

    This is the scenario i am trying to solve:

    Our Zendesk guide instance can be accessed by registered end-users. We will permit/restrict users access to our articles using user segments. However, we don't know how to restrict access to individual end-users who have left our partner organisations.

    For example end-user works for our partner organisation. The end-user registers on our Zendesk Guide instance and is granted access to our articles. Now this end-user leaves the partner organisation, however, the end-user can still log into our Zendesk guide using their old email address and password.


    We have looked into Enterprise SSO, and see the same problem exist here. Enterprise SSO uses JWT or SAML to authenticate users with an external identity service. I guess this external identity service would use an email address and password to authenticate users. Hence, there is nothing stopping an end-user formerly with an approved organisation, using their old organisation's email address and password to authenticate with this external identity provider and thereby get re-directed as a logged in user to our zendesk guide.

    Is there some security mechanism that i am missing that could help solve this scenario? How do others deal with this problem? Just FYI, we cant use TFA as Zendesk TFA only applies to agents/administrators and not end users.

    Cheers

    0
  • Brett - Community Manager
    Comment actions Permalink

    Hi N J,

    If I'm understanding your use case correctly if the end-user no longer belongs to the organization, you could just suspend their user profile as mentioned here: Suspending a user

    If the user is suspended, they can no longer send in ticket requests or log in to your Help Center to view your articles.

    Let me know if that doesn't get you the results you're looking for.

    Thanks!

    0
  • Andrew Acker
    Comment actions Permalink

    Related to the portal, is there any way to limit the pages and control their login screen? I literally only want them to be able to login and see 'my activity'. Also called the 'my requests page'. I just want to provide a simple portal to track their tickets and see what's open and what's been completed. I don't want the knowledge base or any of the search screen. Is there any way to adjust the page navigation and remove pages like that?

    0
  • Nicole - Community Manager
    Comment actions Permalink

    Hi Andrew -

    Yes, you can do this. See the following article for more information:

    Setting up a requests only Help Center

    Let us know if you have any further questions on this.

    Also, I see that this is your first post. Welcome to the Zendesk Community!

    0

Please sign in to leave a comment.

Powered by Zendesk