English (US)
  1. Zendesk help
  2. People
  3. People advice and troubleshooting

How can I prevent agents in one group from seeing another group's tickets?

Ricardo Pinto
  • Edited
Zendesk Digital Resources Team

Question

I want to be able to restrict agents so that they can only see tickets within their own groups. Is this possible?

Answer

There are two ways to implement such a workflow in your company.

Build one Zendesk account

Build two Zendesk accounts

Considerations

The primary benefit of building out your workflows on one Zendesk account is that you can keep all your agents in the same account. This can make administrative tasks easier and has the added benefit of not requiring another subscription. However, this option is not completely secure and there are ways that the separation can be circumvented. Depending on your use case the flexibility afforded by these workarounds may be desirable. These workarounds are noted in the article: Can I use the same Support account for customer support and HR workflows?

This solution keeps the admins under the same interface, managing all departments within the same account. However, each admin has access to data from all groups. In such a workflow, there is a lot of remediation and work to be done to keep the departments totally separated.

Finally, agents are treated as agents, which means that if the agent is the requester of a ticket of a different group, the system sends internal notes notifications for that ticket. Additionally, an agent is not able to request tickets through the Help Center because the ticket form is only available to end users.

To set up agent access restrictions

Create different groups and make sure agents can only see the tickets assigned to their groups.

When you add agents to groups, define their privileges on their profile page. One of those privileges is called Access. This defines the agent's access to tickets. Select Tickets in agent's groups.

Note: On Enterprise plans, you do not set agent ticket access in the user's profiles. Agent permissions are determined by the custom role you select for the agent. For more information, see the article: Custom agent roles.

Considerations

This is the most secure way to separate your agents and is the preferred method when data privacy is the biggest concern. It does require purchasing two subscriptions and may be a heavier lift to set up initially but is the most flexible solution in the long term because workflows can be easily changed. You simply set up your two Zendesk accounts independently.

If you need to share a ticket between two instances, set up a sharing agreement between both accounts. A sharing agreement grants another account permission to work on your tickets. Only shared tickets can be accessed by the other account. For more information, see the article: Sharing tickets with other Zendesk Support accounts.

For related issues, see the articles listed below:

Return to top

10 Comments

  • Michael Cusimano

    Is there anyway for me to prevent the account owner from seeing ticket request that come in via the email channel?

    0
  • DJ Buenavista Jr.
    Zendesk Customer Care
    Hi Michael,
     
    Thank you for reaching out to Zendesk Support. 
     
    In regards to your concern, you can disable the following trigger "Notify all agents of received requests" and enable only the "Notify group of assignment" to make sure that only agents that are assigned receive the email notification. 
     

     
    You need to make sure that there's only a specific group that receives specific incoming emails and that the selected default group is not selected when you edit the trigger, since the account owner will always belong to the default group. 
     
    Thank you!
     
     
    Kind regards,
    0
  • Support Admin

    There is no field Access in the user profiles in my instance. Did they move where this is set?

    0
  • Dave Dyson
    Hi Support Admin,
     
    You won't see that field for Admins, because Admins have access to all tickets. You'll only see this in the user profiles for Agents, so you might need to add a non-Admin agent, or change an Admin to an Agent in order to see this.
    0
  • Ben S.

    I also don't see the "Access" drop-down for a non-admin user.  

    0
  • Gabriel Manlapig
    Zendesk Customer Care
    Hi Ben,
     
    If you're on our Enterprise plan, you do not set agent ticket access in the user's profiles. Agent permissions are determined by the custom role you select for the agent. 
     
    For more information, see the article: Custom agent roles.
     
    I hope this helps! Thank you!
    0
  • Gerard Masnou Artigas

    Just like Ben and Dave, I don't see the "Access" field in the user profile, regardless of their role. We are not on the Enterprise plan either. 
    Has this setting been moved elsewhere?

    0
  • Marine
    Zendesk Customer Care
    Hi Gerard! 

    Would you be able to confirm that this Access setting is not available on users profiles with an Agent role? 
     
    0
  • Gerard Masnou Artigas

    Hi Marine, 

    That is correct, users with the role "agent" do not have that setting available under their profile.

    1
  • Marine
    Zendesk Customer Care
    Hi Gerard,
     
    I've created a ticket for you with our Support to look at this deeper. You can expect an email shortly!
     
    0

Please sign in to leave a comment.

Powered by Zendesk