On Enterprise plans, you can define your own agent roles and assign agents to those roles. This allows you to define agent roles that suit your own organizational structure and workflow.
Admins and agents in custom roles with permission can create and assign custom roles. However, agents can't modify their own role assignments or permissions or manage admin roles.
This article contains the following topics:
Related articles
Creating custom agent roles
You can create your own agent roles or base a new role on a native role that is predefined for you. You can either edit or clone most existing non-admin roles, or create a new role from scratch. You can create a maximum of 197 custom roles for your account. Each of your custom roles must have a unique name that isn’t too similar to the names of existing roles, such as Admin or Administrator.
- In Admin Center, click
People in the sidebar, then select Team > Roles.
- Click Create role.
Alternatively, you can copy an existing role for your new role. Hover over the row of the role you want to clone, then click the options icon () and select Clone.
- Enter a unique Name and Description for the role.
The name must not be too similar to the name of existing roles, such as Admin or Administrator.
- Define and create the agent role as described in Permissions that agents with custom roles can have.
- When you've finished defining the new role, click Save.
Permissions that agents with custom roles can have
When creating custom agent roles, you choose from an extensive list of permissions that define what agents can do.
Permissions | Description |
---|---|
Tickets |
You can define an agent's access to tickets, the types of comments they can make, and their editing permissions. An agent may access tickets that aren't suspended in one of the following ways:
Notwithstanding ticket access restrictions, cc'ing an agent (including a Light Agent) on any ticket lets the agent receive email notifications of all public and private updates to the ticket. An agent may assign tickets to brands in the following ways:
An agent may assign tickets to groups in the following ways:
An agent may manage suspended tickets in one
of the following ways:
Interacting with tickets:
Agents can add ticket comments in one of the following ways:
Additional ticket settings:
|
Custom objects | You can define an agent's access to each custom object in your
account. By default, agents don't have access to custom objects. They
can be granted any combination of the following permissions for each
custom object.
Permission to View is automatically selected if you select any other type of permission for an object. |
People |
You can define an agent's access to users and user profiles. An agent may view and edit individual end user profiles in one of the following ways:
Permissions to edit end users enables the agent to verify end users. Only admins can change an end user's role. Searching for end users:
Managing team member assignment to roles:
Managing custom agent roles:
Viewing and managing customer lists with the Customer List add-on (for accounts created prior to September 9, 2020):
Managing groups:
Managing organizations:
Other user-related permissions:
|
Channels |
Depending on the channels and admin permissions that have been
enabled for your account, agents may also be allowed to do any of
the following:
|
Agent workflow |
The Agent workflow section includes access and editing permissions for views, macros, and dynamic content. Views are predefined conditions for a collection of tickets. Agents may access views in one of the following ways:
Additional views settings:
Macros apply predefined actions to a ticket. Agents may do the following with macros:
Additional agent workflow settings:
|
Business rules |
You can decide if agents can manage business rules.
|
Security and privacy |
You can give agents security and privacy permissions when using the Advanced Data Privacy and Protection add-on. Manage deletion schedules permissions include:
|
Help center (if enabled) |
You can give agents help center permissions.
When this option is selected, agents in this role have Guide admin permissions. When this option is not selected, agents in this role have Guide viewer permissions. For more information, see Understanding Guide roles. When this setting is not selected, it does not necessarily mean that agents can't add and edit articles and posts. Permission to add and edit articles is determined by user management permissions set on each article (see Setting agent editing and publishing permissions on articles). Permission to add and edit posts is set at the topic level and applies to all posts in the topic (see Allowing agents to add or edit posts in community topics). |
Analytics (if Explore is enabled) |
If Explore is enabled, you can configure the level of access that agents have to analytics in Explore, Support, and Talk.
Explore permissions
For additional details, see Giving users access to Explore.
Reports permissions (in Support):
View Talk dashboard
|
Permissions that agents with custom roles can't have
There are some permissions that are available to admins that you can't assign to agents with custom roles. For example:
- Create or edit other agent or admin profiles
- Install apps
- Change a user's role
- Create custom agent roles
- Bulk import orgs or users
- Delete call recordings from tickets
- Assume other agents
- Edit subscriptions (including trials)
- Generate and manage API tokens
For more information about agent and admin permissions, see Understanding Zendesk Support user roles.
Assigning agents to custom roles
You can assign agents to a custom role from the role's settings or from the agent's profile.
To add agents to a custom role
- In Admin Center, click
People in the sidebar, then select Team > Roles.
- On the role you want to add agents to, click the options icon (
) and select Edit.
A detailed view of the custom role's settings is displayed. A list of team members in this role is visible in a panel on the right.
- Click the Actions menu, then Assign role.
The Assign role window is displayed.
- In the Select team members field, select a team member from the list or
search for a team member’s name and select it from the search results.
To add additional team members, search again and select another team member.
To remove an agent from the Select team members field, click the x next to their name.
- Click Assign role.
An updated list of agents in the role is displayed on the role settings page.
50 comments
Gabriel Manlapig
In this article, custom roles should is only available on Enterprise and Enterprise Plus plans. In your case, your plan subscription might not meet the criteria to create custom roles.
However, if your subscription doesn't support creating custom roles, agents must have access to "All tickets" so they can edit the organization fields.
You can adjust the access an agent has to tickets in their user profile.
Other than that, if you don't allow your agents to view all tickets, only administrator can edit organization fields. I hope that helps!
0
Pascal Turmel
Hello Zendesk,
I took a look a Custom Roles which I am familiar with and was not able to see how we can restrict some Orgs ticket and user view to only certain agents (However, the opposite “aka to restrict agents in a custom role to an organization (Enterprise)” is easy). Maybe I am missing something obvious? So, for example, we would have most of our agents to see everything except those orgs tickets and some limited agents to be able to see Everything including some limited Federal orgs. This is to try to implement our Fed ramp program.
Thank you for your feedback on how best to implement this
0
Anderson
Hi folks,
Nice that you implemented this and all, but...
1- Why have all my custom roles enabled these new options by default? They should be disabled with the ability to be turned on, as we don't want everyone to have this permission.
2- Why can't I disable those options in any of my custom roles? I untick the options, Save, and then they are still enabled... This is a serious bug as it is giving permission even to Delete my Brands and Organizations to all my agents
Sections being affected:
![](/hc/user_images/PFbc3qz_D6s6a7x8CUURdA.jpeg)
0
Dane
Thank you for the feedback. Creating custom roles indeed have those options turned on by default. You can always have them disabled whenever you create a new one. I have also tried to disable it on one of my custom roles and did not encounter any issues. What I can suggest is try to clear your cache and try again. If the same issue persisted, please contact our support directly so that we can check it further.
0
Prateek Reddy
Hello Zendesk,
We have a scenario that we are facing issues with and wanting to seek your thoughts on this.
We create users in Zendesk through BetterCloud-Zendesk Integration and we are only able to create user with the three standard roles
"end-user"
,"agent"
, or"admin".
We have few custom roles that we created in our Zendesk Org and want users to be created and assigned with our custom roles, but we only see the three standard roles to pick from.
How can we achieve this, any help is appreciated.
1
Noly Maron Unson
Hi Prateek,
The BetterCloud-Zendesk Integration is a third-party integration created by BetterCloud themselves. We actually do not have the documentation needed nor the developer access to the integration to answer this inquiry. I highly suggest that you coordinate with the integration developer for this question.
You can utilize the "Contact Us" button in the marketplace to reach out directly to BetterCloud support.
Hope this helps.
0
Rajamanju B
Hello Zendesk
I need to create a role, which would limit the agents to add only 3 attachments per comment and each attachment size shouldn't exceed 3 MB.
But in create a role options, I dont see anything related to attachments..
0
Noly Maron Unson
Hi Rajamanju,
There is no setting for a custom role that can limit the number or size of attachments an agent can add per comment. These settings are all hardcoded in the backend and not editable.
See: Attachment size limitations
I encourage you to create a new post in the General Product Feedback topic in our community to engage with other users who have similar needs and discuss possible workarounds. Conversations with a high level of engagement ultimately get flagged for product managers to review when they go through roadmap planning.
Thank you.
0
Bobby Watton
It looks like we still don't have the ability to grant non-admins perms to change Capacity Rules in Omni. We need Real Time Analysts at our BPOs to be able to move agents between channels using Capacity Rules but we're not going to give them Admin perms. Please add this.
0
Shawna James
0
Akanksha Shukla
Hello All,
How can we restrict the agents for reassignment tickets and unrestricted the supervisor (custom role) for reassignment?
Please provide me with a solution to this issue as it's a critical issue for my system.
Any suggestion for the third-party app would be appreciated.
Thanks in advance.
Akanksha
0
Stephanie Braddell
How can I prevent a group from viewing or making comments in internal notes?
0
JR Lausin
Please check this new visibility restrictions on tickets requested by agents
https://support.zendesk.com/hc/en-us/articles/5952162640282-Announcing-new-visibility-restrictions-on-tickets-requested-by-agents
Sincerely,
0
Heather Rommel
HI Zendesk team!
We're having a spirited debate between a few Zendesk Admins and I'm hoping you can answer this (and perhaps update the documentation):
An agent may view and edit individual end user profiles in one of the following ways:
Sorry for the caps, there's no option for sub-bullet so this is my way of differentiating my question from the article documentation :D
Sincerely,
Heather
0
Destiny
Yes, your understanding of these permissions is correct. Here's a summary based on your description:
Hope that helps~!
1
Jacob Punz
Hi Zendesk team!
We have a set of agents whose ticket permissions are set so that they can only view tickets within their groups (‘Ticket’s they can access' is ‘Within their groups’). Is there a way these agents can view the tickets they have submitted to other groups (tickets they are the Requester on) or are CC'd on from within Zendesk, without them having access to other tickets in other groups which they aren't involved on? E.g. If a team member from our data team submits a ticket to HR is there a way for them to view this ticket in Zendesk without having access to the other tickets in the HR queue? Right now this set of agents can still interact with tickets via email but have requested a way to interact with them from within Zendesk.
Cheers,
Jacob
0
Francis Casino
I hope you're doing well! I've gone ahead and created a ticket (12810224) to assist you further with this issue. You can look forward to receiving an email from us shortly.
0
Joseph Palacios
I am on Enterprise trial and do not have Team > Roles. Is there a different path to it?
1
Watchfinder.co.uk Limited
I would like to give a custom role the ability to edit their own schedule - how could I do this? I don't really want to create more Admins just so that they can update their bank holidays and opening hours.
0
Adam Hedrick
Hi Team,
I think it should be noted that Custom roles don't appear to be creatable in the trial zendesk environment.
0