On the Customers (End-users) settings page, you select the settings that affect how your users access and use your Zendesk. For example, if you want your Zendesk to be available to anyone, you select the Anybody can submit tickets setting. This one setting and its related end-user settings determine how open or restricted your Zendesk is to your end-users.
You can configure your Zendesk end-user access for the following:
- Anybody can submit tickets and no registration or email verification is required.
- Anybody can submit tickets but you require that the user proves that they are human using CAPTCHA.
- Anybody can submit tickets but you also require registration and email address verification.
- Anybody can submit tickets but you restrict access to your Zendesk based on email domains or IP restrictions (IP restrictions is a feature available in the Enterprise version of Zendesk). In other words, you only accept registration and tickets from approved users.
- Only users you add to your Zendesk are able to submit tickets and use your Help Center.
There are variations of these configurations as well. For example, you can allow anybody to submit tickets, require registration, and also restrict access using email domains or via IP restrictions. These configurations are also affected by using both social media and enterprise single sign-on (see Single sign-on (SSO) options in Zendesk.
To manage end-user settings
- Click the Admin icon (
) in the sidebar, then select Settings > Customers.
Selecting who can submit tickets
The Anybody can submit tickets setting is one of the most important end-user settings because it determines which users can access and use your Zendesk. You can allow anybody to use your Zendesk, close it to all but the users you add, or restrict the use of your Zendesk to just users from specific email domains or within a range of IP addresses. These configuration options are referred to as open, closed, and restricted and are explained in detail in the following topics:
Controlling spam tickets with CAPTCHA
The Require CAPTCHA setting requires users who are not signed in to complete a verification test before they can submit a ticket.
Allowing anybody to submit tickets might lead to some spam email appearing as tickets in your Zendesk. Requiring users who are not registered and signed in to confirm they're human before they can submit a ticket goes a long way to prevent spam. Zendesk uses Google reCAPTCHA. Most users can simply confirm they're human without having to solve a CAPTCHA. A risk analysis engine predicts whether the user is a human or an abusive agent. If the engine isn't sure, it'll display a CAPTCHA that the user must solve before they can submit a ticket.
The Google reCAPTCHA is included on the Sign Up page by default and can't be disabled.
Requiring that your users register to use your Zendesk
The default configuration of the Help Center is that the Sign Up page is displayed and that your users have the option of registering and creating a user account in your Zendesk. If you enable the Ask users to register option, you are requiring that your users sign up and create an account. To create an account, the user's email address must be verified. Until it is, any support requests they made (via the support request web form, the Web Widget, or email) will be held in limbo (in other words, not added to your Zendesk views).
The registration process, and the advantages to the user of requiring registration, are explained in Registration.
Controlling access to Zendesk Support with the email whitelist and blacklist
The email whitelist and blacklist, shown when you select Anybody can submit tickets, are used to restrict access to Zendesk Support. For example, you can accept user registrations and support requests from users who have email addresses in the email domains you add to the whitelist. You can then reject all other users by adding an asterisk (*) to the blacklist. If you're not setting up a restricted Zendesk, leave both the whitelist and blacklist blank.
The whitelist and blacklist are explained in more detail in Permitting only users with approved email addresses to submit tickets (restricted).
As mentioned above, you can also restrict access using IP restrictions. This is a feature available in the Enterprise version of Zendesk. For more information, see Restricting access to your Zendesk using IP restrictions.
Registration message and verification email notifications
The Sign Up page in the Help Center contains a message prompting users to fill out the registration form.
You can customize this message on the Customers (End-users) settings page by editing the User registration message. You can also add dynamic content to this message. For more information, see Providing multiple language support with dynamic content.
When your users register, they receive a welcome email message (called the User welcome email) that prompts them to verify their email address, which then prompts them to create a password so that they can sign in to your Help Center.
Users receive a similar email message (called the Email verification email) when they add secondary email addresses to their user profiles. Both of these messages can be customized and both support dynamic content.
Sending the email verification message to users you add
You have the option of sending the verification email when you add users to your Zendesk by enabling the Also send a verification email when a new user is created by an agent or administrator setting. This is the same email message shown in the previous section. When you add a user yourself, you'll probably also want the user to verify their own email address and then create a password so that they can sign in to your Zendesk. But of course with the many access, registration, and sign-in options, including single sign-on, available in Zendesk you may not want to enable this setting.
Please refer to the following topics for a more detailed description of the use of this setting:
Allowing your end-users to edit their profiles and change their passwords
The Allow users to view and edit their profile data setting is enabled by default and allows your users to add information to their user profiles. For example, they can add secondary email addresses, their Twitter account, and so on. You should disable this option if you use remote authentication because your user data is handled outside of your Zendesk.
The Allow users to change their password setting is also selected by default. You normally want your users to be able to change their own passwords. But like the Allow users to view and edit their profile data setting, you'll want to disable this if you administer users and passwords in another system and use remote authentication.
Validating phone numbers
With this setting enabled, phone numbers added to user profiles must be in the internationally standardized E.164 format. E.164 numbers can have a maximum of fifteen digits and are usually written as follows: [+][country code][subscriber number including area code]. Numbers that don't conform to this format will fail to save to user profiles.
Enabling user tagging
Enabling user tagging allows you to add tags to a user's profile. These tags are then added to the user's tickets, which you can then use to control your workflow. For example, you can use a tag to escalate a specific user's tickets.
The user does not see the tags that have been added to their profile.
For more information, see Adding tags to users and organizations.
Comments
9 comments
@Tim
The Twitter field only shows up if you have Twitter authentication enabled in your security settings. You'll see this under Security -> End-users-> Social Media Single Sign-on. If you uncheck the option for "Twitter" then the option to sign-up using your Twitter handle will no longer display.
The user should also receive a "Sign-up Complete" message once they register. I tested and confirmed that they'll see a message like the one below:
"Thank you for signing up, Matt.
A welcome email will be sent to <their email address> shortly, containing a verification link that enables you to sign in.
If you don't receive email from us within a couple of minutes, please check your junk/spam folder."
I hope this helps!
@ Matt thanks for the replies -
is there any way to configure this message? I cant find this in the zendesk interface. This message also isnt happening on https://fusionentertainment.zendesk.com/hc/en-us
@Tim, sorry for the delay in response here. This particular message is hard coded, so there isn't a place to edit it.
I have two users from the same organization that would like to comment on each other's tickets. I know they can do this by CC'ing one another when submitting a ticket, but can they do this when logged into the system?
Thanks.
Hi there!
When your end-users are logged into your Help Center, they can click on their name in the upper right corner and choose My Activities. From there, there will be two tabs: My activities and Requests I'm CC'd on.
All they need to do is CC each other when they submit the tickets, and they'll be able to see them from there.
Please let me know if you have any other questions!
Hi there! Is it possible to configure the end user settings for different brands separately? For one brand we are using an SSO connection where we don't want users to manually login to Zendesk. For another brand there is no such SSO connection and here we would like users to login manually to Zendesk.
Looking forward to hear from you.
Hey, Arno. Since no one from the community has been able to give you an answer, I've asked one of our Customer Advocates to jump in. Someone should be along soon.
Hey Arno!
Justin here from the Advocacy team weighing in on this question.
At the moment you can only setup one authentication method for end-users, however there is an option to restrict users by IP address. If in your case all the users authenticating through the SSO are going to be coming from the same IP address, as a workaround what you could do is setup an SSO configuration for the account, and specify an IP address range for those customers using the SSO under Admin >> Security >> Global. In that setup all users within that IP address range would get the SSO login, and all users outside of that range would get a normal email/password login.
I hope that makes sense, but feel free to reach out to our support team should you need any further clarification.
Hi Nicole & Justin, thanks for responding! Unfortunately our users are not coming from the same IP address.
We will try and proceed with creating separate jwt SSO options (https://support.zendesk.com/hc/en-us/articles/206354108-Multibrand-Using-multiple-JWT-Single-Sign-on-URL-s-Professional-Add-on-and-Enterprise-)
Please sign in to leave a comment.