Announcing private ticket groups

Return to top

39 Comments

  • Rachel Mooney

    this is wonderful!

    one question – will we be able to add this setting to existing groups, or only when creating new groups?

    thanks!

    5
  • Amber Barnes

    So what happens when someone IS tagged or CC'd who isn't apart of the private group the ticket is assigned to? It just won't send any notification? Does this show in events? 

    2
  • Tiffany King

    Few questions: 

    1. If a ticket is assigned to a private group, can it still be made visible to public groups by reassigning the ticket?
    2. Can tickets that are assigned to a private group still be searched or shown in views to people outside of the private group? In other words, agents outside of the private group is still aware that the ticket is created by new ticket ID and title but they just can't click into or see the ticket comments/details. 
    3. If someone's role allows them to see private tickets, does that mean they can see all private tickets or they have to still be added to each private group? 
    1
  • Sagi M. Welzman

    Sounds interesting 
    Can we get some guidance on how to use this ability  and configuring it  ?  
    Tnx !

    2
  • Alina Wright
    Zendesk Product Manager

    Hi all, PM here.

    Question: will we be able to add this setting to existing groups, or only when creating new groups?

    Answer: You will be able to convert existing groups to private. You will also be able to create brand new private groups. Keep in mind, that once a group is made private, it can not go back to a public setting. A private group will always be private.

    Question: So what happens when someone IS tagged or CC'd who isn't apart of the private group the ticket is assigned to? It just won't send any notification? Does this show in events? 

    Answer: If someone is explicitly added to the ticket via CC or follower, but is NOT part of the private group, then they will be able to access that particular ticket but will NOT be able to access other tickets part of that group. They will receive a notification.

    Question: If a ticket is assigned to a private group, can it still be made visible to public groups by reassigning the ticket?

    Answer: Yes. You can move private tickets as you would tickets in public groups. 

    Question: Can tickets that are assigned to a private group still be searched or shown in views to people outside of the private group? In other words, agents outside of the private group is still aware that the ticket is created by new ticket ID and title but they just can't click into or see the ticket comments/details. 

    Answer: Tickets that are assigned to a private group can not be viewed or searched for by agents not within that private group. They can not click into it because they won't be able to find it. That said, this is an area we're very open to feedback on so please share!

    Question: If someone's role allows them to see private tickets, does that mean they can see all private tickets or they have to still be added to each private group? 

    Answer: An agent will only be able to see the private ticket within the private groups they are in. E.g. they will not be able to see to private tickets in a group in which they do not have a membership.

    Question: Can we get some guidance on how to use this ability  and configuring it ?  

    Answer: Updated documentation can be found here. But in short, once it is live on your account, you'll want to go to ADMIN CENTER > ROLES > & update any roles with the new ticket access type. Then you can go to ADMIN CENTER > GROUPS > & convert or create new groups.

    Documentation Updates:

    https://support.zendesk.com/hc/en-us/articles/4408882153882

    https://support.zendesk.com/hc/en-us/articles/4408886146842

    https://support.zendesk.com/hc/en-us/articles/4408894175130

    https://support.zendesk.com/hc/en-us/articles/4408821199258

    https://support.zendesk.com/hc/en-us/articles/4408834893978

    https://support.zendesk.com/hc/en-us/articles/4408882039450

     

    1
  • Rachel Mooney

    clarification question on this:

    Question: So what happens when someone IS tagged or CC'd who isn't apart of the private group the ticket is assigned to? It just won't send any notification? Does this show in events? 

    Answer: If someone is explicitly added to the ticket via CC or follower, but is NOT part of the private group, then they will be able to access that particular ticket but will NOT be able to access other tickets part of that group. They will receive a notification.

    will the agent still receive notifications and be able to see all private comments on a ticket if they're a CC/follower? or only public comments, since they're not a member of that group?

    0
  • Alina Wright
    Zendesk Product Manager

    Rachel Mooney

    Question: So what happens when someone IS tagged or CC'd who isn't apart of the private group the ticket is assigned to? It just won't send any notification? Does this show in events? 

    Answer: If someone is explicitly added to the ticket via CC or follower, but is NOT part of the private group, then they will be able to access that particular ticket but will NOT be able to access other tickets part of that group. They will receive a notification.

    Question: will the agent still receive notifications and be able to see all private comments on a ticket if they're a CC/follower? or only public comments, since they're not a member of that group?

    Answer: Yes, if you add someone as a cc or follower to a private group AND they don't have access to that private group, they will STILL be able to see private and public comments on that ticket, and that ticket only. CC and followers will not be granted access to other tickets in that private group if they are not already a member. Also looking for feedback on this functionality! We thought it could be an issue however during our limited availability, we received feedback that this is ideal functionality. So let us know!

    0
  • Rachel Mooney

    Alina Wright

    that's actually our issue: if an agent isn't in a particular group, we don't want them to receive private notifications.

    for example, if using ZD internally: an IT agent has a question for the HR team about themselves as an employee, and submits an HR ticket. the IT agent shouldn't see private notes the HR agents are adding, since they should be internal to the HR team, as they may contain discussions & approvals pertaining to them.

    1
  • Sara Ledger

    Is there any plan to make this functionality available to any other plans aside from Enterprise?

    2
  • Andrew Chu

    I have not seen this update in our account yet. Could you check?

    0
  • Ola Timpson

    How do tickets in private groups work in Explore?

    1
  • Alina Wright
    Zendesk Product Manager

    Rachel Mooney - that makes a lot of sense. I imagine we'll be hearing this more often as we expand our user base with access to this new feature. Adding a +1 to our list as a request for this functionality, thank you!

    Andrew Chu - this is rolling out over a 2 week basis. It may not have hit your account yet. You'll see an in app notification once it does.

    Ola Timpson - explore does not currently honor ticket permissions. No changes to explore but they are on the roadmap!

    -1
  • CJ Johnson

    Where are these settings located? 
    The article clearly states this about "groups" but the comments link you to "roles"? Which is this for? 

    0
  • Sydney Neubauer

    Apparently this setting isn't fully rolled out. They began rollout yesterday and will last for about 2 weeks.

    0
  • Alina Wright
    Zendesk Product Manager

    CJ Johnson - the settings are configured in both 'groups' page and 'roles' page. You'll want to create / convert groups from the groups page. You'll want to updated ticket access for roles on the 'roles' page under Ticket Access (at the top).

    Sydney Neubauer - Updating the announcement to make this more clear. 

     

    NOTE TO ALL

    This is rolling out over a two week period started on July 11th for all enterprise customers. You will see an in app notification once the roll out has hit your account.

    0
  • Anthony Del Campo

    Alina Wright, Rachel Mooney and I share this issue.

    One of the issues that I pointed out is when the Requester is also an agent.  Example:  Agent (John Smith) opens a ticket with HR.  Right now, John Smith can see all details of a ticket even though John Smith is not a member of the HR Group.  Is this being addressed with this update?

    I understand the tagging and cc - it adds the person to the CC, and a person on CC can see those tickets.  I assume this fix will only allow the CC person the ability to see Public comments and fields? 

    However, what happens IF someone tags the wrong person. I have 3 Michaels in Zendesk.  I can see where the wrong Michael may be tagged in error.  Zendesk should still protect the ticket details IF the person does not have permission to the Group the ticket is assigned to.

    0
  • Rachael Kolman

    Just to confirm, agents will still be able to assign tickets to these private groups? The tickets themselves would just not be visible to the agent once the ticket is reassigned to the private group?

    0
  • Moe

    This is a great feature, and I'm excited to see what we can do with it.

    Answer: Tickets that are assigned to a private group can not be viewed or searched for by agents not within that private group. They can not click into it because they won't be able to find it. That said, this is an area we're very open to feedback on so please share!

    I think this is great because up to this point, the search feature has allowed agents to circumvent Play Mode. We can't turn off the ability to search for tickets without turning it off for everyone, so making tickets private is a good middle ground.

    Keep in mind, that once a group is made private, it can not go back to a public setting. A private group will always be private.

    I'm assuming the intention is that these groups are for managing tickets that will never need to be public, such as tickets that require special training or contain HIPAA info or something. That being said, it would definitely be nice to have the option to convert groups between types in both directions as business needs change, especially for Enterprise customers who are dealing with higher volume.

    Questions:

    1. Will we be able to use Group | is / is not | Private / Public in triggers and automations?
    2. Can we make a macro available to all private groups, or all public groups, similar to the way we can make them available to all agent groups?
    3. If I'm an agent who is only in public groups and I'm working with an end-user who has a previous ticket assigned to an agent in a private group, will I be able to see that private ticket in the end-user's Requested Tickets history?
    1
  • Alina Wright
    Zendesk Product Manager

    Anthony Del Campo - understood. Adding another marker as a request. We will have some time soon to flush out the functionality on how this might work and will come back to this thread to get thoughts on it! cc: Rachel Mooney

    Rachael Kolman 

    Question: ...agents will still be able to assign tickets to these private groups? The tickets themselves would just not be visible to the agent once the ticket is reassigned to the private group?
    Answer: Agent roles will dictate this functionality to a certain extent. An agent with 'Assign tickets to any group' AND 'Without this, they can only assign tickets to groups they belong to' can assign tickets to both public and private groups. If the checkbox is unchecked, an agent will only be able to assign tickets to groups they belong to. Once the ticket is reassigned AND the agent is not part of that group, that ticket is no longer visible to that agent.

    Moe - thanks for your feedback around conversion. Full transparency, I don't think we'll introduce this concept. It can create a security risk. The idea is that if you're operating in a private space, you assume those comments and information will remain private. Undoing that privacy can lead to unintended privacy leaks.

    Questions:

    Question: Will we be able to use Group | is / is not | Private / Public in triggers and automations?
    Answer: Not yet, but great feedback! Adding to our list. 

    Question: Can we make a macro available to all private groups, or all public groups, similar to the way we can make them available to all agent groups?

    Answer: Not yet, but great feedback! Adding to our list. 


    Question: If I'm an agent who is only in public groups and I'm working with an end-user who has a previous ticket assigned to an agent in a private group, will I be able to see that private ticket in the end-user's Requested Tickets history?

    Answer: It will not be visible. Would love your thoughts!



    0
  • Moe

    Alina Wright

    Full transparency, I don't think we'll introduce this concept. It can create a security risk. The idea is that if you're operating in a private space, you assume those comments and information will remain private. Undoing that privacy can lead to unintended privacy leaks.

    Totally understood!

    Question: If I'm an agent who is only in public groups and I'm working with an end-user who has a previous ticket assigned to an agent in a private group, will I be able to see that private ticket in the end-user's Requested Tickets history?

    Answer: It will not be visible. Would love your thoughts!

    If at all possible, I think it would be great for agents to be able to see the ticket's main information in the list as they would any other (requester, title, assigned group, etc.) but not be able to see the ticket itself. Perhaps an error message when they click on it that lets them know it's assigned to a private group, or some kind of stylization on the ticket history page so they can tell at a glance that it's private.

    The use case is that it's always helpful for agents to know that an end-user's issue has already been reported to or handled by someone else in the organization, even if the agent doesn't fully know what's being discussed in that ticket. End users may reach out through different methods to follow up on previous issues, and an agent not having this context could create unnecessary confusion.

    1
  • Estefani, Christian

    Hmm, it's a good feature, but it's not usable for my situation, nor the situation of people who supports this Community Feedback:

    It would be great if we can set ticket access permission based on brand, too.

     

    Basically, the problem with adding agents to each and every group they need visibility on, even though they don't actually handle tickets assigned to that group, is the nightmare that comes with group email notification triggers.

    They don't need to be notified via email for updates on these other groups.
    They just need to access their tickets when the situation calls for it.

    (Imagine receiving notification emails for 10 groups when you only handle one group.)

     

    In this new feature, "public groups" are irrelevant for us because there is no single group we want to make that will be accessible to all agents in our multi-brand Zendesk instance.

    2
  • Alina Wright
    Zendesk Product Manager

    Moe - such great feedback. Added it to my list, thank you!

    Estefani, Christian - another feature we're exploring and hope to address soon. 

    0
  • Heather Rommel
    Community Moderator
    The Product Manager Whisperer - 2021

    Alina Wright

    I think Moe's feedback is fantastic but I can think of a few scenarios where we (as admins) would want to allow or disallow the subject to be seen by agents outside the private group. For example, if there is an IT group that handles onboarding and offboarding, the title will likely contain the names of the individuals....

    So please allow us to configure this if you decide to make any of the parts of tickets viewable by anyone outside the private groups!

    Thanks

    2
  • Alina Wright
    Zendesk Product Manager

    Heather Rommel - totally! Everything we do from now we want to make as granular as possible to meet the needs of the enterprise. Thanks for your input.

    0
  • Nichole G.

    Just to clarify - will tickets in private groups still be included in reports run for all tickets?

    1
  • Amie Brennan

    Nichole G. I think it's safe to say yes. Tickets in private groups are still tickets... they are just restricted from being views due to permissions. In light of this, you will still be able to report on the ticket itself. 

    0
  • Jamie Noell

    I think private groups will be really helpful.

    1. I hope that someday the role permissions will include whether the role should be able to report on private tickets in Explore or not.  We have a use case where not even the subject line should be visible for a segment of tickets to anyone outside of the restricted groups who handle these tickets.  Consequently, we had to create an entirely separate instance of Zendesk for these restricted groups.  
    2. In fact, I wish that Explore had the permissioning to align what tickets you can report on with the permissions of the tickets you can see in Support overall.
    3. One other evolution that would be nice is to have a permission where you can edit tickets in certain group(s) and have view only access to tickets in other groups.  
    2
  • Fabian Krenz

    With this new feature, is there a possibility that Agents can change or edit contacts which were orginally created during the request of a new ticket for their group?

    We will have 2x groups which are completely private, like HR or internal IT. We have 3x further groups which are customer service teams from different locations. But these 3x groups should have all access to all tickets of these 3x groups - but not access to the private groups HR and IT.

    Is there a way, that the Agents of the 3x groups can manage/edit their organizations and contacts? If they click on a contact, they for sure should not see the tickets of the private groups - hopefully.

    An explanation would be greatly appreciated.

    Thanks!

     

    1
  • Henkka (Pepron)

    Hi guys,

    Excellent feature and long awaited for, thanks for the team!

    Continuing on the issue whether this should only be an enterprise feature.

    It's totally understandable from both product and featurewize that this should fall under only enterprise licenses. Especially if and when for this to fully work it needs roles (available for only enterprise).

    However from a sales point of view for both new and especially existing customers it makes little to no sense to restrict this to only Enterpise licenses.

    For existing customers and with our several sites we are currently buying way less Zendesk licenses because we have had this restriction - we can't add HR or IT without this new feature. Now the situation is we might have a 50-100 agent account setup on Professional where we have had to leave out IT or HR just because this private groups feature was not available.

    So on existing customers IT and HR already use other solutions out of necessity, not so nice, but have them in place because we have had to have them. Now while it's great this feature is added in this situation this means that as an example for a 100 agent setup on the professional suite on the normal license prices adding 30 people from HR and IT makes the annual licence price go from 118 800 €/$ to 232 440€/€. And of course there are other features too that you get with enteprise but this private groups is a fundamental feature which is a show stopper for use cases like IT and HR. So now instead of us happily adding 30 more licenses and paying 154 440 €/$ annually if this would be included on the Professional licenses we decline the update and continue to keep IT and HR out.

    For new accounts there are also lots of use cases where they don't need other enterprise features and again the very high price point in effect when you don't need other features ends up more then not so that the customer keeps their HR and IT people out of Zendesk with sometimes some other tools or a clunky several Zendesk account setup. So again from a sales point of view customers in general buy less licenses.

    It would really make sense to have this feature added to the pro licenses on the current licensing model.

    0
  • Kristian

    Hi Zendesk!

    This is good news - and much needed. But I belive there is a flaw in the setup that needs to be addressed. 

    We work in an environment were we want everyone to be able to "Add, edit and delete for all end users" under the "People" and "End-user profile access" section in a role. We would also like everyone to be able to add and modify organizations. But that access is tied to also being able to add or modify groups. And that would leave the purpose of having a private group to zero - simply because everyone can just add themselves to a private group. 

    The way I see it, one should be able to have a rule (separate permission) for not being able to add oneself (or another for that matter) to a private group or divide the "Can add or modify groups and organizations" into two permissions: one for groups and one for organizations. 

    Can you please update this?

    2

Please sign in to leave a comment.

Powered by Zendesk