On the End users (customers) configuration page you can select the settings that affect how your users access and use Zendesk. For example, if you want your Zendesk account to be available to anyone, you can select the Anybody can submit tickets setting. This setting, and related end user settings, determine how open or restricted Zendesk is to your end users.
You can configure end user access to your Zendesk account for the following:
- Anybody can submit tickets and no registration or email verification is required. Users must prove that they are human based on CAPTCHA requirements.
- Anybody can submit tickets as long as the endpoint of the ticket is authenticated.
- Anybody can submit tickets but you also require registration and email address verification.
- Anybody can submit tickets but you restrict access to your Zendesk account based on email domains or IP restrictions. In other words, you only accept registration and tickets from approved users.
- Only users you add to your Zendesk account are able to submit tickets and use your Help Center.
There are variations of these configurations as well. For example, you can allow anybody to submit tickets, require registration, and also restrict access using email domains or via IP restrictions. These configurations are also affected by using both social media and enterprise single sign-on (see Single sign-on (SSO) options in Zendesk).
- Selecting who can submit tickets
- Controlling spam tickets
- Requiring that your users register to use Zendesk
- Controlling access to Zendesk Support with the email allowlist and blocklist
- Registration message and verification email notifications
- Sending the email verification message to users you add
- Allowing your end users to edit their profiles and change their passwords
- Validating phone numbers
- Enabling user tagging
To manage end user settings
- In Admin Center, click People in the sidebar, then select Configuration > End users.
Selecting who can submit tickets
The Anybody can submit tickets setting is one of the most important end user settings because it determines which users can access and use Zendesk. You can allow anybody to use your Zendesk account, close it to all but the users you add, or restrict the use of your Zendesk account to just users from specific email domains or within a range of IP addresses. These configuration options are referred to as open, closed, and restricted and are explained in detail in the following articles:
Controlling spam tickets
There are two ways to control spam tickets. The first is the use of CAPTCHA, which is automatically enabled when you allow anyone to submit tickets. If the spam is coming from the APIs you can also require authentication for all tickets created using the requests API (/api/v2/requests) and uploads API (/api/v2/uploads) endpoints.
When anybody can submit tickets, CAPTCHA is used to protect your account. That means users who are not signed in may be prompted to complete a verification test before they can submit a ticket.
Allowing anybody to submit tickets might lead to some spam email appearing as tickets in your Zendesk account. Requiring users who are not registered and signed in to confirm they're human before they can submit a ticket goes a long way to prevent spam. Zendesk uses Cloudflare's bot detection and management software to prevent bots and malicious traffic. Most users can simply confirm they're human without having to solve a CAPTCHA. A risk analysis engine predicts whether the user is a human or an abusive agent. If the engine isn't sure, it displays a CAPTCHA that the user must solve before they can submit a ticket.
CAPTCHA is enabled by default, including on the Sign Up page, and can't be disabled. CAPTCHA is not currently available with the Web Widget.
Requiring authentication for the requests API endpoint
You can require authentication for the requests API endpoint (/api/v2/requests) and uploads API endpoint (/api/v2/uploads). Although it's highly effective at preventing spam, requiring authentication makes it harder for end users to open tickets anonymously. Some methods of ticket creation, such as the Zendesk Web Widget Contact form, custom apps, and external web forms, rely on the unauthenticated anonymous ticket creation process to submit tickets. Requiring authentication for the requests and upload endpoints will prevent the creation of anonymous tickets from these sources. The Require authentication for requests and uploads APIs setting is turned off by default and can only be enabled in Admin Center.
Requiring that your users register
The default configuration of the Help Center displays the Sign Up page and allows your users to optionally create a user account. To require users to register and create an account, enable the Ask users to register setting. When creating an account, the user's email address must be verified. Until it is, any support requests they make (via the support request web form, the Web Widget, or email) will be suspended and will not be added to your Zendesk views.
To learn more about the registration process and the advantages of requiring registration, seeRegistration.
Controlling access to Zendesk Support with the email allowlist and blocklist
When anybody can submit tickets, you can use the allowlist and blocklists to restrict access to Zendesk Support. For example, you can accept user registrations and support requests from users who have email addresses in the email domains you add to the allowlist. You can then reject all other users by adding an asterisk (*) to the blocklist. If you're not setting up a restricted Zendesk, leave both the allowlist and blocklist blank.
The allowlist and blocklist are explained in more detail in Permitting only users with approved email addresses to submit tickets (restricted).
You can also control access using IP restrictions. See Restricting access to Zendesk Support and your Help Center using IP restrictions.
Registration message and verification email notifications
The Sign Up page in the Help Center contains a message prompting users to fill out the registration form.
You can customize this message on the End users (customers) settings page by editing the User registration message. You can also add dynamic content to this message. See Providing multiple language support with dynamic content.
When your users register they receive a welcome email message (called the User welcome email) that prompts them to verify their email address and create a password so that they can sign in to your Help Center.
Users receive a similar email message (called the Email verification email) when they add secondary email addresses to their user profiles. Both of these messages can be customized and both support dynamic content.
Sending the email verification message to users you add
You can also send a welcome email when a new user is created by a team member. This is the same email message shown in the previous section. When you add a user yourself you'll probably also want the user to verify their own email address and then create a password so that they can sign in to Zendesk. Of course you may not want to enable this setting since Zendesk offers many many access, registration, and sign-in options, including single sign-on.
See the following topics for a more detailed description of using the Also send a welcome email when a new user is created by an agent or administrator setting:
Allowing your end users to edit their profiles and change their passwords
Users are allowed to view and edit their profile data by default. This allows your users to add information to their user profiles. For example, they can add secondary email addresses, their Twitter account, and so on. You should disable Allow users to view and edit their profile data if you use remote authentication because your user data is handled outside of your Zendesk account.
Users are also allowed to change their password by default. You would normally want your users to be able to change their own passwords, but should deactivate Allow users to change their password if you administer users and passwords in another system and use remote authentication.
Validating phone numbers
With this setting enabled, phone numbers added to user profiles must be in the internationally standardized E.164 format. E.164 numbers can have a maximum of fifteen digits and are usually written as follows: [+][country code][subscriber number including area code]. Numbers that don't conform to this format won't save to user profiles.
Enabling user tagging
Enabling user tagging allows you to add tags to a user's profile. These tags are then added to the user's tickets, which you can then use to control your workflow. For example, you can use a tag to escalate a specific user's tickets.
The user does not see the tags that have been added to their profile.
For more information, see Adding tags to users and organizations.
Regarding the "Requiring that your users register to use your Zendesk" I'd like to understand what would happen in a particular scenario.
Say a ticket is opened by a registered user but later updated by an unregistered user that is added into the conversation. Since the ticket had already been created does the unregistered user's message still get delivered or is it suspended until they register?
The users response would still be added to the ticket but they will get a welcome email. Their ticket only gets suspended if they email in themselves without having been added by an existing user. Hope this clears things up!
Kharlo | Customer Advocate
"Anybody can submit tickets" is enabled on our end, but the captcha is not present o the "submit a ticket" form.
Any idea why?
I have the same problem as Pedro Reis: "Anybody can submit tickets" is enabled on our end, but the captcha is not present o the "submit a ticket" form.
We are using a custom theme for Guide, but the same happens with Zendesk default theme.
In "Using CAPTCHA" section, it was indicated that the CAPTCHA will only appear if Cloudflare's risk analysis engine is not sure if the one submitting the request is a human or an abusive agent. If Cloudflare has detected a human is submitting the request, the submitter can proceed normally. CAPTCHA is enabled by default and cannot be disabled.
Our set up is "Anybody can submit tickets but you also require registration and email address verification". Is there anyway to prevent anonymous chats via Web Widget? Can we enforce the "Update your profile" form?
The only form that can be enabled in the Chat widget is the Pre-chat form, which require visitors to complete a form before starting a chat. With the option <Require identity> enabled, visitors must provide their name or email before starting a chat.
This is explained in more detail here, Enabling the pre-chat form on the Chat widget.
Some elements of the pre-chat form can be customized as mentioned here How do I customize the pre-chat form?
Currently, you can only use Ticket forms with the classic Web widget. For more details, see Using custom ticket fields and ticket forms with the Web Widget (Classic).
When the pre-chat form is not enabled in your Chat settings, anonymous users are free to access your Chat widget.
If you'd like to have a visitor authentication on your Web Widget, you can do so by setting up JWT authentication. You can find the steps here Enabling authenticated visitors in the Chat widget.
Once the users will be successfully authenticated, they will no longer need to type in their name and email address.
Is there a way to get notified (through email) as an Admin/Agent when a new user/customer has created an account?
Natively, this is not possible. However, you can look into the possibility of using the Webhook Event Type: Support User Created to get notified for all newly created users. In addition, you will also need the endpoint of the app that will receive this payload. You can utilize GMAIL API, or Slack API endpoint for you to be notified continously.
All of the tickets created for our company are from emails coming from our customers, we're not using any forms or chat at the moment. Is there a way to bulk verify all of my customer emails? Or what is the most efficient way for me to verify their emails to ensure they don't end up in the suspend tab?
Our customers do not share a domain with their account; customers have different domains within a single organization/account, including generic email domains like Google. So I can't verify via domain.
Hi Vanessa Radman,
While it's not possible to bulk-verify your users in the agent interface. It's definitely possible through the API. You can find the corresponding endpoints in our Developer resources here: https://developer.zendesk.com/rest_api/docs/support/users#update-many-users
I have End users that would like to see the following options on the Guide side within My Activities:
Are any of these features available via any of the free templates? Or are these enhancements in the works?
Please sign in to leave a comment.