Restricting tickets visibility to Brand


59 Comentários

  • Comentário oficial
    Alina Wright
    Zendesk Product Manager

    Hello everyone. We are launching the Early Access Program for Brand Based TICKET Access in Q1 of 2024. See below to get signed up for our closed EAP. This EAP is limited to those on Enterprise and above plans. We are only accepting 50 particpants.

    What is the Early Access Program?

    The Early Access Program is designed to provide our customers with early access to new features and improvements. By participating in the EAP, you will have the chance to explore these enhancements ahead of their official release and provide valuable feedback that will help shape the final product.

    What is Brand Based Ticket Access EAP?

    "Brand-based ticket access" in Zendesk allows agents to manage tickets associated only with their assigned brands. This ensures focused support, enhances data privacy, and promotes specialized product knowledge. Agents will now belong to brands and their ticket access will depend on their brand membership. Zendesk Admins will automatically belong to all brands.

    How to Enroll

    Enrolling in the EAP is simple. Just click on the following link: Sign Up for EAP (new!) and follow the instructions to register. Once you've signed up, you'll receive further information on how to access and use the new features. We are planning to launch in Q1 2024 and will follow up prior to any activation. Filling out the Sign Up form does NOT automatically enroll you in the EAP.

    If you have been accepted into the EAP, a few weeks prior to the release of Brand Based Ticket Access EAP, I will email you with instructions, screenshots, and a specific timeline. 

    Expectations of Participants

    As a participant in the EAP, we kindly ask for your active engagement and feedback. This may include participating in surveys, providing feedback on your experience, and reporting any issues you encounter. Your insights and suggestions will be invaluable in helping us refine our products and ensure they meet the needs of all our customers.

  • Heather Rommel
    Community Moderator
    Zendesk Luminary
    The Product Manager Whisperer - 2021

    I am adding my up vote to this - and commenting because it's that important to me - because I really love that Multibrands is an option but a little disappointed with permissions as a whole.... We would like more granular control over who has access to what. In my opinion, we should have the ability to:

    1. Restrict Agents to access and edit TICKETS only in their given brand(s) via role

    2. Restrict as in #1 above but extend read-only access to TICKETS in other brands

    3. Ability to have Read Only FIELDS in Tickets, Users and Organizations

    4. Ability to restrict TICKETS- both hide a given ticket altogether

    5. Ability to hide certain FIELDS on a ticket based on role

    As Zendesk scales, these kinds of requirements will be necessary as more and more companies leverage Zendesk outside of the "usual" ITIL usage by additional departments and for different processes. 

    Bottom line: Since Zendesk's collection of product offerings are expanding, the permission structure needs to grow with it!

    Please and thank you :)

  • Estefani, Christian

    I'm glad to see my company's not the only one who needs this function!

    Our Zendesk instance contains a CITD brand and an HR brand, and agents associated with one brand should not have access to the other brand's tickets (due to confidential content).

    We cannot create a separate instance for the other brand because it is difficult to manage our agent license count for two separate brands (unless Zendesk allows free transferring of licenses between instances?).
    This is because the number of agents we have per brand changes quite often, and we cannot estimate how many licenses are needed per brand. (It'd be a waste to have too many excess instance-specific licenses, considering their price.)

    Currently, we are using the workaround of:

    1. Restricting agent access to groups; and
    2. Adding the agents to ALL groups associated with their brand.

    However, this workaround is highly inefficient because:

    1. Agents receive notification emails for tickets they are not currently in charge of (because they're added to the other groups); and
    2. It is quite challenging to assign a ticket to a specific person under a specific group because the agent's name appears under so many groups.

    Take note that our CITD brand alone has over 50 Zendesk groups, and we have many other brands aside from that one that have a lot of groups.

    I hope this suggestion gets approved and then implemented soon!


    Basically, here is my suggested function:

    In role settings, under "What kind of tickets can this agent access?", there should be this option:
    All within this agent's brand(s)

    When that option is chosen, there should be a new setting asking which brands to associate the role with.
    I think this mechanic can be similar to ticket forms:

    Then, agents under that role can only access a ticket if it's assigned under the associated brand.
    (Of course, not counting tickets they're CC'ed to or a requester of.)

  • MTech Systems

    I completely agree.  This needs to happen!  I need all agents to have access to all brands except for just one brand.  That one brand needs to be private for only a select group of folks.

  • Estefani, Christian

    Hello! I have a few more suggestions on how we can make Zendesk a more brand-focused experience for our agents.

    1. Zendesk role should also set a default value for the following in the Agent Workspace:
      - Which brand is immediately shown when opening the ticket creation page
      - Which form is immediately shown
      - Which Help Center loads from the Guide shortcut
    2. Zendesk group should be associated with a brand.
      (One brand each, or maybe more, like with Zendesk forms?)
    3. When opening the Assignee field in the ticket form, groups from other brands should be collated into their brands, so that agents can only see groups from other brands only when they purposely want to (like in cross-brand escalation).
    4. The following should also have brand-based permission: (Or role-based permission if the role can be associated with a brand)
      - Access to tickets
      - Access to suspended emails (can only see suspended emails to addresses associated with their brand)
      - Views
      - Macros

    Basically, I hate that the Zendesk Agent Workspace defaults to the main brand, and agents from other brands have to manually change their brand and form when creating tickets.

    I also hate that ticket viewing permissions are so inefficient and suspended email viewing permissions are practically unavailable for them.

  • Jamie Noell
    Zendesk Luminary

    Yes, please!!!

    Macro and view: Can you please allow view and macro permissions to be by brand.  Today, we have global, by agent and for me only.  Please add brand as an option as we have to pick so many groups when granting macro and view access.

    Suspended tickets: Please restrict by brand as well. Data privacy is key to our company, and we have non-admins who help manage suspended tickets for their respective brands.  Zendesk's suspended view does not even have the recipient.  We did buy Shredder, which helps with rules and shows the recipient email, so each division sorts by the recipient email.  However, ideally, we don't want Brand A people to even see suspended emails for Brand B, C or D.

    Explore: Ideally, we could grant by brand permission on datasets in Explore.

  • Kim Lake

    +1, required - we need an ability to assign brand visibility to agents

  • Paul Maillard

    Highly needed, especially with the Invoice Team using Zendesk !

    Please, make it happen quickly !!

  • Dawn Anderson

    Agreed, this is needed!


    We have QA agents that need access to some tickets and don't want to give them the permission to view all tickets as it's not appropriate for them to have this access.

    Any movement on this please?

  • Max McCal
    Zendesk Product Manager

    Hey, François Bellavance 

    This feature will be available in January as an early access program. We will definitely make an update here once it is live with instructions on how to get access. 

  • Alina Wright
    Zendesk Product Manager

    Elena - the first phase of the EAP will only focus on Tickets. The next is end users, then we'll move onto triggers, macros, SLA's, etc.

  • Grzegorz Ksiazek

    Hey Zendesk Support Product Owner,


    What are the plans to implement this?

    Is this even on a roadmap?



  • Wesley Bowles

    Adding a +1 here as well. The current solutions laid out here aren't scalable and leave a lot of room for error. Within the "roles" functionality we should be able to identify which brands those roles belong to. 

  • Josh

    +1 definitely needed if you're going to support multiple brands.

  • Jerry Ishmael

    Would also like to see light agents restricted to Brand and Forms. This would truly provide an enterprise solution for those who require it. 

  • Nicole Putman


    I want to add, as we are about to move our HR Team into our main instance from their own do to work overlap and reporting needs, there is another issue that has no resolution:

    If a non-HR Team Agent in Zendesk sends in a ticket to HR Support in this new joint instance environment, because they are on the ticket as the requester, they have access to the ticket. But, worse, as an Agent in Zendesk, they can see the private notes that are being entered by the HR team. This is a big issue, especially in Employee relations situations.


    Laid out:

    • Agent A is in Brand for IT- Cannot see HR Brand tickets
    • Agent A sends a ticket in for a personal issue to HR support

    Issue: As a requester, Agent A can see this new ticket in Zendesk by looking at their requested tickets, including all HR Agent private notes on tickets, even though the ticket is not in their Brand.


    There should be a way to restrict agent access further inside Brand to allow for end-user experience for Agents in Zendesk when sending support requests to other teams.

    It could be an additional field under the Role settings:

    Restricting their access as a requester, removing the ability to see private notes out of Brand unless added as a follower or cc'd.


  • prakash.sati

    Waiting! as this is a must have feature for Multi-brand setup. 

  • Josh

    +1 for me on this. We need brands to be almost completely separate when it comes to agent access. Right now that is not possible. Agent A can see all brands, so we have to special groups and try to hide things and it's really clunky.

  • TradeSmith Support

    +1 - Following this thread.  We could use this feature as well. 

  • Josh

    This most likely won't move anywhere anytime soon. We've been on ZD enterprise for almost 10 years and this was never considered.

  • prakash.sati

    +1 this is a must have have feature when you are offering Multi Brand setup!!!

  • Seacret

    Is there a timeline for this and will it only be available on Enterprise or will it be available on other options such as professionals?  


  • Alina Wright
    Zendesk Product Manager

    Quick update for you all. Brand Based Ticket Access is underway with a hopeful EAP in the early half of 2024. The first release will focus only on ticket partitioning by brand with follow on releases focusing on end user profiles, business rules, and more.

  • François Bellavance

    Hi, what's the ETA on this? This was supposed to be planned on 2023 but the year is almost over.

    And when restricting agents to brands, I suggest for them to not have access to each other talk lines. I currently have 8 agents on a line and 3 on another and they can use one line or another but it's not a good way to do.

  • François Bellavance

    Thanks a lot, you made my day and the one for my team.

  • Ritchie Robertson

    The problem I have is that we require agents to not be able to create tickets for certain brands but still be able to view all tickets within one brand.

  • chris.heap

    +1 for this feature. We have over 5 brands each with a dedicated support team that really have no interaction with tickets relating to other brands. Another related consideration for this is for suspended tickets to be available to each brand, having to grant access to all tickets to be able to manage suspend tickets is not good.

  • MTech Systems

    Still important to me and my team!  Restricting one of our brands to be accessible by only one group would make life much better for us.  Thanks. 

  • Sarah Anscombe

    Following - as this would be helpful for us too.


  • Aja Varney
    Zendesk Luminary

    Agreed! +1 for me. 

    We have a large use case with many "brands".... but most agents are tasked with one brand or the other. 
    Would be excellent to be able to restrict user to brand(s) - multi select. 


Por favor, entrar para comentar.

Powered by Zendesk