Create an admin of admins that is NOT the account owner
AnsweredHi all,
Request: Please consider adding a new role, an admin of admins that is NOT the account owner. So they can make changes to admin roles.
Business reason:
Starting today (not sure when did it really start, but this wasn't a problem say last month), in order to enable a chat license/change the role, I need to do this from an admin section: 
But as you can see, despite being an admin, my chat role (that I just enabled so I could go in an build a trigger for the team) is grayed out, I cannot switch it to Admin.
I contacted Support and they informed me that due to new changes to security, this change can only be done by the account owner now.
In our case, the account owner manages billing , he is not available to change things back and forth for us.
So, today, I have found myself unable to make the needed changes for team due to this restriction.
Please consider adding this additional role for companies where the billing person/account owner is not a technician/operations mgr working directly on Zendesk.
Thank you!!
-
Hi Barb, thank you for your feedback. For security reasons, an admin is unable to change their own roles but another admin on your account (it doesn't need to be the account owner) can update your Chat role.
Let me know if you have any questions,
Regards, Phil.
-
Hey @... - Can you please elaborate on the rationale behind that decision? I'm the main admin of our instance, we have SSO & 2FA enabled through a secure service (Onelogin). The owner of our account is the SVP of Support. Having to go bother her to change my roles so I can do my job is a weak solution.
An admin user should be able to administrate everything except the billing and subscription (that is reserved for the owner). Force 2FA on all admin accounts for security if you need to (strongly encourage this), but don't make us need to get another admin to change our own role or have to go bug the account owner so I can do the basic tasks of my job.
Please reconsider this choice. I would love to know more about the security reasons behind this decision in case there's an angle I've not considered.
Thanks for considering this request and happy holidays! -
Hi, thank you for your response!
I too would like to know more about why cannot I, as an admin, administer my own access. This is hindering my ability to do my job. Would these security reasons explain why wouldn't Zendesk add an "Admin of admins" , or a "Senior Admin" role? I think this could be a good compromise.
My other admins are contractors, so I cannot easily get them to do this for me, as they may not even be online and are outside my line of command. And as covered, the account owner is not a support tech, is a company vice-president, so it is not the ideal person to change my chat access.
Thank you! -
I agree with Barb, three's a general need for more types of roles and accesses.
Although I see a point of a lesser role not being able to change to a higher permission (which is the case for Barb in individual apps), there's a HUGE need to have cross-app permissions to be an admin for all users regardless of apps.
It is also very strange that the Owner role can only be ONE individual, and they need to be a user. In a lot of companies there's a need for a non-user (within Finance for example) to be able to handle billing and such things.
What are the reasons for not being on par with many other state of the art services? Bandwidth? Discrete code bases between apps? -
I wanted to add my agreement to what Barb, Dan, and John are saying here. It's disappointing that nearly 3 years later, the lack of true admin roles is still a huge pain point for customers. Despite being an admin, I have to ask my VP of sales to do something for me every few days. I've never worked on a platform set up this way.
We want to make Zen work for our team's CRM rather than go through tanother implementation process but you're making it very difficult by not addressing these sorts of issues.
-
On top of things, this should not be marked as answered - as the question here is more general ability to have administrative people/roles handling different aspects (IT = user management, Finance = billing/payments etc..).
The answer relates to a person not being able to change their own rights, which could probably be ok if there were more options for admin roles to begin with.
This is standard practice for most modern SaaS tools...
Please sign in to leave a comment.
6 Comments