Sunshine custom objects allow you to create object records based on a blueprint for an object type in Zendesk. You can control access to your custom objects by defining roles-based access control policies. You can define role-based access control policies for your custom objects as you create them, or by editing existing objects.
These policies define the permissions of agents and end users for object records and relationship records. The permissions include the ability to create, read, update, or delete object records and relationship records. Administrators always have full permissions.
This topic provides examples of role-based access control policies and shows you how to set permissions in Admin Center.
This article contains the following sections:
Examples of setting permissions
For example your developer wants to build a Zendesk app for your agents to manage rental properties from within Zendesk. You want to make sure that your agents can update and read existing records, but you don't want them to be able to delete or add new records. In this case you'd set up these agent permissions:
Another example is that you want to integrate information about the rental properties into your Help Center. In this case you'd want to make sure that end users can read information about the rental properties, but that they can't create, update or delete the records. You would set these end user permissions:
Setting roles and permissions for objects
When creating an object you can set permissions once you have saved the object schema. Once you've saved the object schema you can see a set of default permissions in the Permissions tab. The default permissions for an object provide full permissions (create, read, update, or delete) to agents, and no permission to end users.
To set the roles and permissions for a custom object
- In any product, click the Zendesk Products icon () in the top bar, then select Admin Center.
- Click the Sunshine icon () in the left sidebar.
The Custom Objects page opens in Admin Center.
- Click Add object type, or select an existing object to edit.
See Sunshine custom objects guide for admins to configure the settings on the Schema tab.
- Click the Permissions tab.
- Select the Agents or End users role to define permissions.
- In the Agents or End users panel, select the permissions you want enabled for agents or end users.
Choices are: Create, Read, Update, and Delete.
- Click Save.
You receive a message that the object is saved, and can see the updated permissions in the table.