On Enterprise plans, admins can designate a group as private. This means that agents outside the group generally can’t access tickets assigned to it, although agents may be granted permission to view private tickets. While an agent outside the group can assign a public ticket to a private group or a member of a private group, the ticket is made private as a result. Additionally, an agent working on a private ticket is prevented from @mentioning or opening side conversations with team members outside the private group.
This article contains the following sections:
To learn how to set up private groups, see Creating private ticket groups and granting agents access.
Essential facts for private ticket groups
We've distilled some essential facts for you about private ticket groups. To learn how to set one up a private group or convert a public group to private, see Creating private ticket groups and granting agents access.
-
When creating a group, you have the option to designate the group as private. It cannot be converted to public.
-
You can convert an existing public group to private, but it can’t be converted back to public.
-
Tickets in private groups have a private tag with a lock icon (
) as part of the ticket status tag and a lock
icon next to the assigned group's name. In views, the lock icon appears next
to the ticket status for each private ticket in the list. - Access to tickets, including tickets in private groups, is set at the role level. Among native agent roles, Admins and Team Leaders can see tickets in private groups by default. Custom roles can be configured to have access to tickets in private groups. See Granting agents access to tickets in private groups.
-
A private ticket can’t be viewed or searched for by agents who don’t have access to it.
-
If a ticket is reassigned from a public group to a private one, CCs and followers are kept on the ticket and continue to be able to see it.
-
If a ticket is reassigned from a private group to a public one, the ticket becomes visible to public groups.
-
Tickets in private groups are still included in reports run for all tickets.
- Tickets that aren't assigned to a group are treated as if they're in a public group.
- On non-Enterprise plans, agents can only access tickets assigned to a
private group of which they aren't a member if they're the requester or
explicitly added as a CC or follower. They'll only see that particular ticket,
but they will see it as an agent.
On Enterprise plans, admins can configure the visibility of internal comments on tickets an agent requested, regardless of the tickets group assignment. If you restrict agents in your account from seeing internal notes and agent-only fields, they will only be able to access tickets they've requested as an end user.
Limitations of private ticket groups
-
The status of a group as private or public isn't available as a trigger or automation condition. (Group | is / is not | Private / Public)
-
Macros can’t yet be made available to all private groups similar to the way they can be made available to all agent groups.
40 Comments
Is there an update on Explore respecting private groups?
https://support.zendesk.com/hc/en-us/articles/4767122732058/comments/4809959742106
Private group are aimed specifically for agent usage and will not apply to end-users.
Organizations ticket restriction apply to end-users, not private groups. You can check here for details about ticket restriction of end-users at the organization level.
I haven't found the answer to my question in this thread yet, so here goes.
I have created a new Group A to which I will be adding a bunch of new agents to. They have not been in ZD before, and I do not want them to see any of my other Groups (B,C)'s tickets... either current or past. So, I've made Group B and Group C 'Private', and unfortunately a new Group A Agent is still able to see historical tickets that were part of Group B or Group C. How do I restrict visibility into historical tickets under Private Groups from Agents NOT in the Private Group?
Dana Beugless-Spies
I think you're on the right track. Head over to Admin Center > People > Roles. Ensure that the agents assigned to the role have ticket access type set to, "Within their groups". This means that they'll only see tickets in groups where they are members and not any other groups.
Thank you Alina. It turned out that the new agent had been cc'd in some old tickets which are part of the Private groups, and hence was able to see those tickets. All roles and group definitions have been updated, and I'm good to go... for now! :) Thank you!
Hi!
Is there a way to prevent a private group from mentioning members outside the group?
eclect taira
this doesn't directly provide the solution you're asking about - but It seems like this could be handled as a training issue. what i mean by that is that agents might be doing mentions because they need /some/ info, but im guessing the issue is that you don't want them to have /all/ the info, or on-going access to the ticket. to limit/govern that access, training the agent to use a side conversation email may be the best way of accomplishing that.
So many users have admin access so they can work with various aspects of their workspace at our organization. This feature would be much more useful if you could limit admins from being able to access those tickets. Or better yet, allow specific agents (maybe a group) to work with views or macros without having to have admin access.
What is not documented is that Side Conversations to Private groups can no longer be edited even if the requester of that Child ticket is wanting to make an edit. This breaks all current functionality when we need to reach out to HR for answers and it is not documented in this article.
A conversation with Zendesk confirms this is the new behavior and expected. Please change this as in order for our teams to be able to communicate to private groups, they need to have all ticket access or create many SC with the group to continue the conversation
Also wondering!
Please sign in to leave a comment.