Creating custom roles and assigning agents

Suite

Enterprise or Enterprise Plus

Support

Enterprise

On Enterprise plans, you can define your own agent roles and assign agents to those roles. This allows you to define agent roles that suit your own organizational structure and workflow.

Admins and agents in custom roles with permission can create and assign custom roles. However, agents can't modify their own role assignments or permissions or manage admin roles.

This article contains the following topics:

Creating custom agent roles
Assigning agents to custom roles

Understanding native custom agent roles in Zendesk Support

Creating custom agent roles

You can create your own agent roles or base a new role on a native role that is predefined for you. You can either edit or clone most existing non-admin roles, or create a new role from scratch. You can create a maximum of 197 custom roles for your account. Each of your custom roles must have a unique name that isn’t too similar to the names of existing roles, such as Admin or Administrator.

To create a new role

In Admin Center, click People in the sidebar, then select Team > Roles.
Click Create role.
Alternatively, you can copy an existing role for your new role. Hover over the row of the role you want to clone, then click the options icon () and select Clone.
Enter a unique Name and Description for the role.
The name must not be too similar to the name of existing roles, such as Admin or Administrator.
Define and create the agent role as described in Permissions that agents with custom roles can have.
When you've finished defining the new role, click Save.

Permissions that agents with custom roles can have

When creating custom agent roles, you choose from an extensive list of permissions that define what agents can do.

Permissions	Description
Tickets	You can define an agent's access to tickets, the types of comments they can make, and their editing permissions. An agent may access tickets that aren't suspended in one of the following ways: Assigned to them Requested by end users in their organizations: Access tickets and end users only within their organizations. Also restricts visibility when searching for organizations or using lookup relationship fields that point to organizations. Newly-created end users will automatically be assigned to the agent's organization. If your account has multiple organizations, the end user is assigned to the agent's default organization. Within their groups Within their groups and all public groups: Enable agents to access and assign tickets within their groups, all public groups, and tickets that haven't been assigned to a group. All, including those in private groups: Access to all tickets, including tickets in private groups they don't belong to. Notwithstanding ticket access restrictions, cc'ing an agent (including a Light Agent) on any ticket lets the agent receive email notifications of all public and private updates to the ticket. An agent may assign tickets to brands in the following ways: Only assign tickets to brands they belong to: Assign tickets only within their brand memberships. Assign tickets to any brand: Assign tickets to brands they don't belong to. An agent may assign tickets to groups in the following ways: Only assign tickets to groups they belong to and public groups Assign tickets to any group: Assign tickets to private groups they don't belong to. An agent may manage suspended tickets in one of the following ways: Not allowed: Can't access the suspended tickets view. Recover or delete: Recover or delete suspended tickets and export the list of suspended tickets. Interacting with tickets: Edit ticket properties: Be assigned to tickets and edit properties. Edit ticket tags: Add and remove tags on tickets. Agents without this can still set custom fields. Agents without this can't add tags with macros on existing tickets, but they can add tags with macros upon ticket creation. Redact ticket content: Permanently remove sensitive ticket attachments and text in comments and side conversations. Manage malicious attachments: Manage access to attachments with detected malware. Merge tickets: Merge two tickets. Delete tickets: Delete tickets and recover them. Can also mark a ticket as spam if they have permission to delete the end user. View deleted tickets: Access the deleted tickets view, recover deleted tickets, and delete tickets permanently. Agents can add ticket comments in one of the following ways: Private comments only Public and private comments Additional ticket settings: View satisfaction prediction for tickets: View the predicted satisfaction ratings for tickets. Agents without this permission can still see the satisfaction prediction in views they can access. Manage ticket fields: Create, modify, and delete ticket fields using the Ticket fields page in Admin Center. Agents can't take these actions through the API. Manage ticket forms: Create, modify, and delete ticket forms.
Custom objects	You can define an agent's access to each custom object in your account. By default, agents don't have access to custom objects. They can be granted any combination of the following permissions for each custom object. View Edit Add Delete Permission to View is automatically selected if you select any other type of permission for an object.
People	You can define an agent's access to users and user profiles. An agent may view and edit individual end user profiles in one of the following ways: View only: View end user profiles, but can't create new end users. Add, edit, and assume profiles in organizations they belong to: Newly-created end users will automatically be assigned to the agent's organization. If your account has multiple organizations, the end user is assigned to the agent's default organization. Add, edit, delete, and assume profiles for any end user: Newly-created end users won't have an organization associated with them. Permissions to edit end users enables the agent to verify end users. Only admins can change an end user's role. Searching for end users: Search and view lists of end users: Search for end users by name, email address, phone number, or organization and view a list of matching end users. Without this permission, agents can only access individual end user profiles. Managing team member assignment to roles: Not allowed View only Create, assign roles, edit, and delete: Manage roles for all team members except for admins and their own role. Agents can't create admins or promote users to the admin or billing admin roles. Additionally, admins can't manage account owners. This permission includes the ability to import and export team members. Managing custom agent roles: Create, edit, and delete roles: Create and modify all roles other than their own. Viewing and managing customer lists with the Customer List add-on (for accounts created prior to September 9, 2020): View only Add and edit personal lists Add and edit personal and groups lists Add and edit personal, group, and global customer lists Managing groups: Add and remove team members from groups: Manage team members assigned to groups. Manage groups: Create, edit, and delete groups. Managing organizations: Manage organizations: Add, update, and delete organizations. Manage organization fields: Add, edit, and delete custom fields for organizations for end users. (Only admins can manage organization fields for agents and other admins.) Other user-related permissions: Manage user fields: Create, modify, and delete custom fields for user profiles for end users. (Only admins can manage user fields for agents or other admins.) View customer lists: Access the Customers page. When this permission is deselected for agents, they can still utilize auto-complete to access end-user information, including name, email address, phone number, and organization. Change agent status: Change agent status from the live reporting dashboard. This setting is available when omnichannel routing is turned on.
Channels	Depending on the channels and admin permissions that have been enabled for your account, agents may also be allowed to do any of the following: Manage channels and extensions: Manage channels including email, social messaging apps, and other modes of communication. Extensions include targets, webhooks, and integrations. Note: Depending on your admin permissions, some channels may not appear in the menu. Manage Facebook pages: Add Facebook pages that create tickets from Facebook wall posts. Access saved X Corp searches: Access tweets from the X saved search stream. Access Chat requests: Access chats from end users. Answer and place phone calls: Answer calls from and place calls to end users.
Agent workflow	The Agent workflow section includes access and editing permissions for views, macros, and dynamic content. Views are predefined conditions for a collection of tickets. Agents may access views in one of the following ways: Play views only See views only Add and edit personal views Add and edit personal and group views Add and edit personal, group, and global views Additional views settings: Limit number of views: Limits agents to the previous default amount of views, which is a maximum of 12 shared views and 8 personal views. Otherwise, agents will have access to the default amount of views, which is 100 shared views and 10 personal views. Access view filtering: Allows agents to view and use views filtering. This permission gives you more control over the agent experience. Macros apply predefined actions to a ticket. Agents may do the following with macros: Apply only: Can apply macros, but can't add or edit them. Add and edit personal macros Add and edit personal and group macros Add and edit personal, group, and global macros Additional agent workflow settings: Access dynamic content: View, add, and edit dynamic content. Manage contextual workspaces: View, add, and edit contextual workspaces. Contribute to side conversations: Reply to or start new side conversations with third parties or other agents outside the ticket flow. Without this, agents can only view side conversations. This option is only available if your Zendesk plan includes side conversations (see Using side conversations in tickets).
Business rules	You can decide if agents can manage business rules. Automations: View, add, edit, and delete automations. Skills: View, add, edit, and delete skills. Service level agreements (SLAs): View, add, edit, and delete SLAs. Triggers: View, add, edit, and delete triggers. Does not apply to Slack ticket triggers. Agents can still view individual triggers without this permission. Business rules analysis: Can access business rules analysis.
Security and privacy	You can give agents security and privacy permissions when using the Advanced Data Privacy and Protection add-on. Manage deletion schedules permissions include: Not allowed View only: View deletion schedules only. Create, edit, and delete: Can create, edit, and delete deletion schedules.
Help center (if enabled)	You can give agents help center permissions. Manage Guide: Access the help center as an admin to manage articles, themes, and setting. When this option is selected, agents in this role have Guide admin permissions. When this option is not selected, agents in this role have Guide viewer permissions. For more information, see Understanding Guide roles. When this setting is not selected, it does not necessarily mean that agents can't add and edit articles and posts. Permission to add and edit articles is determined by user management permissions set on each article (see Setting agent editing and publishing permissions on articles). Permission to add and edit posts is set at the topic level and applies to all posts in the topic (see Allowing agents to add or edit posts in community topics).
Analytics (if Explore is enabled)	If Explore is enabled, you can configure the level of access that agents have to analytics. Explore permissions No access: Cannot access Explore. View dashboards: Can view dashboards shared with them. Manage reports and dashboards: Can create, edit, and delete reports and dashboards. Manage reports, dashboards, and datasets: Can manage administrative settings and permissions for Explore. For additional details, see Giving users access to Explore. Reports permissions (in Support): No access: Cannot access reports. View only: Can only view reports. View, add, and edit: Has full admin permissions. View Talk dashboard View details about calls on the dashboard.

Permissions that agents with custom roles can't have

There are some permissions that are available to admins that you can't assign to agents with custom roles. For example:

Create or edit other agent or admin profiles
Install apps
Change a user's role
Create custom agent roles
Bulk import orgs or users
Delete call recordings from tickets
Assume other agents
Edit subscriptions (including trials)
Generate and manage API tokens

For more information about agent and admin permissions, see Understanding Zendesk Support user roles.

Assigning agents to custom roles

You can assign agents to a custom role from the role's settings or from the agent's profile.

To add agents to a custom role

In Admin Center, click People in the sidebar, then select Team > Roles.
On the role you want to add agents to, click the options icon () and select Edit.
A detailed view of the custom role's settings is displayed. A list of team members in this role is visible in a panel on the right.
Click the Actions menu, then Assign role.
The Assign role window is displayed.
In the Select team members field, select a team member from the list or search for a team member’s name and select it from the search results.
To add additional team members, search again and select another team member.

To remove an agent from the Select team members field, click the x next to their name.
Click Assign role.
An updated list of agents in the role is displayed on the role settings page.