Create an admin of admins that is NOT the account owner

Answered

4 Comments

  • Phil Grove
    Zendesk Product Manager

    Hi Barb, thank you for your feedback. For security reasons, an admin is unable to change their own roles but another admin on your account (it doesn't need to be the account owner) can update your Chat role.

    Let me know if you have any questions,

    Regards, Phil.

     

    1
  • Dan Ross
    Community Moderator

    Hey @... - Can you please elaborate on the rationale behind that decision? I'm the main admin of our instance, we have SSO & 2FA enabled through a secure service (Onelogin). The owner of our account is the SVP of Support. Having to go bother her to change my roles so I can do my job is a weak solution. 

    An admin user should be able to administrate everything except the billing and subscription (that is reserved for the owner). Force 2FA on all admin accounts for security if you need to (strongly encourage this), but don't make us need to get another admin to change our own role or have to go bug the account owner so I can do the basic tasks of my job. 

    Please reconsider this choice. I would love to know more about the security reasons behind this decision in case there's an angle I've not considered.

    Thanks for considering this request and happy holidays!

    1
  • Barb

    Hi, thank you for your response! 

    I too would like to know more about why cannot I, as an admin, administer my own access. This is hindering my ability to do my job.  Would these security reasons explain why wouldn't Zendesk add an "Admin of admins" , or a "Senior Admin" role?  I think this could be a good compromise. 

    My other admins are contractors, so I cannot easily get them to do this for me, as they may not even be online and are outside my line of command. And as covered, the account owner is not a support tech, is a company vice-president, so it is not the ideal person to change my chat access. 

    Thank you! 

    0
  • John Hargelid

    I agree with Barb, three's a general need for more types of roles and accesses.

    Although I see a point of a lesser role not being able to change to a higher permission (which is the case for Barb in individual apps), there's a HUGE need to have cross-app permissions to be an admin for all users regardless of apps.

    It is also very strange that the Owner role can only be ONE individual, and they need to be a user. In a lot of companies there's a need for a non-user (within Finance for example) to be able to handle billing and such things.

    What are the reasons for not being on par with many other state of the art services? Bandwidth? Discrete code bases between apps? 

    0

Please sign in to leave a comment.

Powered by Zendesk