English (US)
  1. Zendesk help
  2. Support
  3. Advice and troubleshooting
  4. Users, groups, and organizations

How can I prevent agents in one group from seeing another group's tickets?

Ricardo
  • Edited
Zendesk Community Team

Question

I want to be able to restrict agents so that they can only see tickets within their own groups. Is this possible?

Answer 

There are two ways to implement such workflow in your company.

  • Build on main instance

Create different groups and make sure agents can only see the tickets assigned to their groups.

When you add agents to groups, define their privileges on their profile page. One of those privileges is called Access. This defines the agent's access. Select Tickets in agent's groups.

Note: On Enterprise, you do not set agent ticket access in the user's profiles. Agent permissions are determined by the custom role you select for the agent (see Custom agent roles).

This solution keeps the admins under the same interface, managing all departments within the same account. However, each admin has access to data from all groups. In such a workflow, there is a lot of remediation and work to be done to keep the departments totally separated.

Finally, agents are treated as agents, which means that if the agent is the requester of a ticket of a different group, the system sends internal notes notifications for that ticket. Additionally, an agent is not able to request tickets through the Help Centre because the ticket form is only available to end users.

  • Build on two instances

To keep the sensitive data private without a lot of effort, purchase two different accounts. This solution makes it easier to change workflows in your instances.

Any SSO customization becomes more complicated because Active Directory needs to be connected to two instances.

If you need to share a ticket between two instances, set up a sharing agreement between both accounts. A sharing agreement grants another account permission to work on your tickets (see Sharing tickets with other Zendesk Support accounts).

For related issues, see the articles listed below.

Return to top
Have more questions? Submit a request

3 Comments

  • Caleb Strawn

    Instead of limiting an agents ticket access by what's relevant to the agent (group, org, etc.) I'd like to be able to limit access to tickets by what's NOT relevant to the agent. 

    Example: 3 users: A, B, and C. A is assigned to groups 1 & 2, B to 2 & 3, and C to 1, 2, 3, & 4.  How do I set user A to be able to access tickets in groups 1,2 (and 3 if needed) but not 4 (in any case)? 

     

     

    0
  • Jon Daniels
    Zendesk Customer Advocate

    Hi Caleb!

    To set that up currently, you could add Agent A to groups 1 2 & 3 and restrict them to those groups, and they wouldn't be able to view the tickets in Group 4.

    But as you said, that is indeed clunky for the situation outlined.

    I found a request here that I encourage you to vote for and add your example in the comments:
    Restriction on individual tickets or groups

    Thanks in advance for your feedback there!

    0
  • Caleb Strawn

    Gotcha, I was hoping there would be a way for Agent A to be able to access tickets in group 3 without actually adding them to that group because they aren't organizationally part of that group. I'll check out that resource. Thank you Jon!

     

    0

Please sign in to leave a comment.

Related articles

Powered by Zendesk