You can configure your Zendesk Support instance to be open, closed, or restricted (see Understanding options for end-user access and sign-in).
This article describes how to set up a closed instance, so that your Help Center is visible to everyone but only the users that you add to your Zendesk account can sign in and submit support requests. Each user's account must be created before they can sign-in and submit support requests.
Closed Zendesk Support, by default, has the following access rules:
- Your Help Center is visible to all visitors, whether they are signed in or not.
- Only verified users you have added to your Zendesk account can submit support requests through the Help Center. Unverified users that have been added to the account can verify themselves by going to the Help Center and requesting a password.
- Both verified and unverified users you have added to your Zendesk account can submit support requests via email to your Zendesk Support address.
- If you have a knowledge base, access is determined by the rules applied to it, as described in Restricting access to knowledge base content.
This article contains the following sections:
Disabling the 'Anyone can submit tickets' option
In a closed Zendesk you disable the option to allow everyone, even visitors who are not signed in, to submit tickets. This means that you have complete control over who uses Zendesk Support. Typically, you'll set up Zendesk Support in this way by adding all your users yourself. Although, there is a way for an anonymous user (someone not already added to Zendesk Support) to still submit support requests and have your agents approve of the request, add the user to Zendesk Support, and add the support request as a ticket to your queue (see When anonymous users submit support requests).
- In Admin Center, click
People in the sidebar, then select Configuration > End users.
- If it's selected, deselect the Anybody can submit tickets option. Note: Deselecting this option can impact Web Widget functionality (see Using restricted Help Center content with Web Widget (Classic)).
- Optionally, in the Account emails section, select the Also send a welcome
email when a new user is created by an agent or administrator option. For more
information, see About new user email
address verification and passwords.Note: If you started using Zendesk on or after August 21, 2013, this option is not available until you enable Guide (see Getting Started with Guide).
- Click Save tab.
The settings you've just made removes the Sign Up link from the sign-in window of your Help Center.
This means that users who access Zendesk Support have no option for self registering (signing up and creating an account). This includes your agents as well. You need to add all your users yourself.
If you also restrict all your content to either agents or signed-in users only (see Restricting your content to registered users only below), the only page that visitors see when they access your Help Center is the sign-in page and, if they don't already have a user account in your Zendesk, they are unable to sign in.
Adding users to a closed Zendesk Support
- Manually adding users one at a time (see Adding end users and Adding agents and admins)
- Adding many users in a bulk import (see Bulk importing users and organizations)
- Adding users via the Zendesk API (see Zendesk API: Users)
By default, when you add a user to your Zendesk, they are unregistered (and therefore unverified). At this stage, they can submit support requests via your support email address, but not through the Help Center. When they register themselves, they become verified users of Zendesk Support, and can submit support requests through both the email address and the Help Center.
The following section explains how email verification works and how user passwords are created when adding users.
About new user email address verification and passwords
Since you're adding your users yourself, rather than allowing them to sign themselves up, you need to think about how the verification process happens. This is where the Also send a welcome email when a new user is created by an agent or administrator option can be helpful. If you set this option, all users you add to Zendesk Support receive the User welcome email message, which prompts them to click a link to verify their email address and then create a password so that they can sign in to your Zendesk. If you want new users to be able to sign in to your Help Center, they each need a password. So by enabling this option you're asking your users to manage email address verification and create passwords themselves.
When you add your users, you have the following options for email verification and passwords if you elect not to send the User welcome email.
- You can tell your users to send support requests via email using your support email address (for example, support@mycompany.zendesk.com).
- Using the Zendesk API, it's possible to both add new users and to also set their
passwords. You can automatically verify all your users' email addresses using the API
verified
parameter. This means that your users will be fully registered and verified. Assuming you also provide them with their passwords, they can immediately sign in to your Help Center. For more information, see Zendesk API: Users. - You can manually verify a user's email address after you've added them to your Zendesk. See Verifying a user's email address in the Zendesk Agent Guide.
When anonymous users submit support requests
Despite your Zendesk Support being closed, it is possible for an agent to create a ticket from a support request from an anonymous user. When you receive a support request from an anonymous user, when you've configured Zendesk Support as closed, the request is added to the Suspended Tickets view. From there an agent can either delete the request or recover it. Recovering the ticket creates a new user account and adds the ticket to your Zendesk. For more information, see Viewing, recovering, and deleting suspended tickets in the Zendesk Agent Guide.
If you send a verification email when a new user is created by an agent or administrator, the User welcome email is sent to the user when the suspended ticket is recovered. The user clicks the link to verify their email address, creates a password, and is then signed in to your Help Center where they can use the knowledge base and submit and track requests.
If you don't send a verification email when a new user is created by an agent or administrator, the user remains unverified and can't sign in. The user receives the ticket received notification, and can respond to the notification via email.
Using enterprise single sign-on (SSO)
If you're using JWT or SAML for user access to Zendesk Support, all user management and authentication happens outside of your Zendesk. Your single sign-on service is synced with Zendesk Support. So, for example, if you add a user account for a new employee, that employee has immediate access to your Zendesk.
When using SSO with a closed Zendesk Support, a few issues may arise. What happens if a user sends an email support request and they're not already a user within the closed Zendesk Support? The user's email support request will be suspended. In other words, if the user doesn't already exist in Zendesk Support, synced to it via your single sign-on service, then the user cannot submit support requests. Only known, legitimate users in your user management system will be able to access the closed Zendesk Support.
You also don't want to select the Also send a verification email when a new user is created by an agent or administrator option because you never want to users to create passwords directly in Zendesk Support. Remember that's all handled outside of your Zendesk.
It's important to remember that social media single sign-on is different. These provide your users with additional ways to sign in to your Zendesk. To use them, your users need to add these social media accounts to their user profiles themselves. You can't do it for them.
Restricting your content to signed-in users only
When you close or restrict Zendesk Support, you also may want to hide all content in your Help Center so that only signed-in users can see it. To do this, you can require that users sign in to access your Help Center (see Restricting Help Center access to signed-in users).
When all your content is restricted to signed-in users, visitors to your Help Center will only see the sign-in page. The users you added to your Zendesk can sign in there and access your content.
16 comments
Alex Short
Hi Zendesk -
Can we please have the understanding of how to do the below?
1. A user(our client) does some action in our website. (e.g: filling a form) and we have their email address in our database. Note that user does not send any email to anybody. He/she just clicks on a button or fills a form.
2. Our backend calls Zendesk API
3. Zendesk should create a ticket , in a way that it seems our client has created this ticket (the ticket should be ready to be replied to the email of our client)
Is this possible? Thank you
0
Cheeny Aban
Hi Alex,
Good day.
Do you have ticket form and web widget enabled on your Account? if yes, then once the customer filled out the form, it will automatically create a ticket on your Zendesk instance.
You can use Using Web Widget to embed customer service in your website to know more information about it.
All the best
Cheeny
-1
William Grote
@...
Is there a way to have a closed or restricted Help Center for just 1 or two brands? Im tryign to make an internal portal just for staff and partners - and even though sign in is required, the options to sign up is available for any visitors.
Our main brand need to remain an open help center
0
Cheeny Aban
Yes, that is possible. You can enable the required sign-in per brand. In Guide, choose the correct brand from the drop-down, click the Settings (
0
William Grote
Thanks. But when I did that in my test brand. The sign in page also included the sign up link. Which defeats the purpose. How do you suppress the sign up link in a closed or restricted brand when your main brand is open?
0
Cheeny Aban
If you would like to completely hide the sign-up button, you may check How can I completely hide the sign up button from my Help Center?
0
Mindy B
If we set a brand to closed for creating tickets, will that affect imported emails that we have set up to create tickets, or only the user's ability to open a ticket through the Guide site?
We are utilizing the Guide for our end users, but we do not necessarily want them to sign in or create tickets in that manner, we would like the emails to be received as tickets though.
0
Dane
When you have a Closed Zendesk setup, all tickets submitted anonymously will go to the suspended view. It does not matter if it was directly via email or via Help Center. If your main goal is to prevent your users to submit tickets on Guide/Help Center you can just remove "Submit a request". This way, all of your tickets will just be generated when an inquiry is sent directly via email.
0
Steven Hampson
Hi there,
How can we see which users have an active login? We require users to register to access the Help Centre and submit tickets, but also have a high volume of users contact us by email, calls, and chat, who also get user records created but have not registered.
For auditing / security I need to see which users specifically have logins for the Help Centre.
Many thanks,
Steven.
0
Sebastian
Steven Hampson, you can use a trigger to add a tag to tickets that were created in the contact form since you know they are the real users. Or you can create views and divide tickets based on the channel they came in.
0
Steven Hampson
Great, thanks Sebastian! I think a view / explore report based on channel should give me what I need. Thanks for the suggestion :)
0
Steven Hampson
Hi there - sorry the solution to my question above is not quite complete. Is there a way I can report on users that have logins, but have not raised a ticket?
For example, they might have signed up and have access to the Help Center but have never raised a ticket yet. We still want to be able to see who has logins to access the Help Center.
Thanks !
0
Gabriel Manlapig
According to the article How do I generate a user's last login date list?, there are a few ways you can get this information:
1) via API: Use the Zendesk API Users endpoint.
2) via JSON export:
3) Explore report: Create a report using any of the Time since user login metrics. For more information, see the article: Metrics and attributes for Zendesk Support. (Only for Zendesk Suite Professional and above)
4) Customer lists: See the article: Creating and using customer lists. Make sure to modify the list to include the Last sign-in column or any other attributes. (Subject to add-on)
These are all the options we have at the moment. I hope you find one here that best suits your needs.
0
Steven Hampson
Thanks Gabriel. It still doesn't give what I need, unfortunately, as the last sign-in date or time since last sign-in includes all those users who have never signed in, regardless of whether they have a login or not. Basically I am trying to see how many users have registered - even if they haven't signed in. It doesn't appear to be possible, but thanks for the suggestions!
0
Ulises
Hi Anton de Young,
If I restrict the account to only added users and I check the option to "Also send a welcome email when a new user is created by an agent or administrator", what would happen to responses from people the registered users cc'd in their responses?
For example, a registered user submits a request and cc's a person who is not registered. Then the cc'd person also responds. Does their response go to the suspended view? If so, how can I make sure the unregistered person does not receive a welcome email?
0
Gab
Great question! By default, when an end user CC replies to a ticket notification using Reply (instead of Reply all), the reply becomes a private comment on the ticket because the requester is not on the reply. CCs are not removed from the ticket. However, if the Make email comments from CCed end users public setting is enabled, the behavior changes and the reply becomes a public comment instead.
More information can be found here: Using "Reply" instead of "Reply all"
The Welcome Email on the other hand, is only sent to the requester or end user submitting the request.
For your reference as well: Customizing the welcome email and the account verification email
0