Agent Permissions

Note

The permissions listed on this page grant access to features that have to be enabled or configured system-wide in the Admin Panel first.

Agent permissions in the New Role dialog

Agent permissions are shown in the middle of the New Role dialog…

Sidebar tabs: Overviews, Knowledge Base, Customer Chat, Phone

…and give users access to new sidebar tabs for communicating with customers.

chat.agent

💬 Customer Chat

Hint

🤓 Requires configuration of Chat Channel

cti.agent

Provides access to 📞 Caller Log

Hint

🤓 Requires configuration of either integrations

knowledge_base

📕 Knowledge Base

knowledge_base.editor

create/edit privileges

Hint

Editor permissions always include reader permissions.

knowledge_base.reader

read privileges for internal content

Hint

Public articles are always visible.

Tip

Zammad supports granular permissions on knowledge base categories.

This function allows agents with editor permissions to restrict specific internal categories & answers to chosen roles.

In order to allow your agents to set granular role permissions, the roles in question require at least reader permission for the knowledge base.

Danger

Keep in mind that this may be dangerous, as reader permission provides access to internal answers!

report

📈 Reporting

Warning

🙅 Never grant this permission to your customers.

Giving customers access to reporting constitutes a serious data breach, as it includes all ticket and user information across the entire system!

Note

This permission is the exception to the rule on this page:

  1. the feature it enables is not for communicating with customers;

  2. the button appears at the bottom of the sidebar; and

  3. it is typically reserved for admins and supervisors.

ticket.agent

🗒️ (Agent) Overviews

Note

🤔 What’s this big table doing here in the middle of my permissions?

Group access table in Edit Role dialog

The group access table is shown when there is more than one active group in the system.

Okay, so remember when we said that “roles are just collections of permissions”? That wasn’t entirely true—they can also be collections of group access levels.

To learn more, see Group Access Levels.

Hint

🤓 Point of technicality

As of Zammad 3.5, you can assign both agent and customer roles to the same user—but but you can’t assign both ticket.agent and ticket.customer permissions to the same role!

To make it work, you need two separate roles: one with ticket.agent and the other with ticket.customer.