Admin Permissions¶

Note

📁 Permissions are namespaced, which is sort of like having files inside of folders.

The permissions listed on this page all belong to the admin namespace. You can select them individually, or you can just select admin to enable the whole bunch.

Admin permissions in the New Role dialog

Admin permissions are shown at the top of the New Role dialog…¶

Screenshot showing admin settings within Zammad.

…and give users access to the pages of the Admin Panel.¶

Please be aware that these permissions only grant access to the settings/configuration in Zammad. If you want to grant agents access to tickets, see agent permissions and group permissions

Permission name	Give access to	Note
`admin.api`	System > API
`admin.branding`	Settings > Branding
`admin.calendar`	Manage > Calendars	Required for SLAs
`admin.channel_chat`	Channels > Chat	Accessing chat for agents: `chat.agent`
`admin.channel_email`	Channels > Email
`admin.channel_facebook`	Channels > Facebook	Accessing Facebook tickets for agents: Group Permissions
`admin.channel_formular`	Channels > Form
`admin.channel_google`	Channels > Google
`admin.channel_microsoft365`	Channels > Microsoft 365
`admin.channel_sms`	Channels > SMS
`admin.channel_telegram`	Channels > Telegram	Accessing Telegram tickets for agents: Group Permissions
`admin.channel_twitter`	Channels > Twitter	Accessing Twitter/X tickets for agents: Group Permissions
`admin.channel_web`	Channels > Web
`admin.core_workflows`	System > Core Workflows
`admin.data_privacy`	System > Data Privacy	🔥 Be careful, it allows users to permanently delete data on the system.
`admin.group`	Manage > Groups
`admin.integration`	System > Integrations
`admin.knowledge_base`	Manage > Knowledge Base	Accessing knowledge base to read/edit articles: `knowledge_base.reader` and `knowledge_base.editor` Make sure to double-check the answer’s visibility.
`admin.macro`	Manage > Macros	In some cases, macros may also require `admin.tag`
`admin.maintenance`	System > Maintenance
`admin.monitoring`	System > Monitoring
`admin.object`	System > Objects
`admin.organization`	Manage > Organizations	Agents can access existing organizations from the search bar, even without this permission. They can even edit an organization’s name, domain, and notes!
`admin.overview`	Manage > Overviews
`admin.package`	System > Packages
`admin.report_profile`	Manage > Report Profiles	Access to view reports: `report`
`admin.role`	Manage > Roles
`admin.scheduler`	Manage > Scheduler	For automation on tickets
`admin.security`	Settings > Security	Settings of Zammad. This also covers third party authentications.
`admin.session`	System > Sessions
`admin.setting_system`	Settings > System
`admin.sla`	Manage > SLAs
`admin.tag`	Manage > Tags
`admin.template`	Manage > Templates
`admin.text_module`	Manage > Text Modules
`admin.ticket`	Settings > Tickets	Does not grant access to Composer Settings
`admin.time_accounting`	Manage > Time Accounting	Also allows the export of timekeeping records.
`admin.translation`	System > Translations	Also enables inline translation
`admin.trigger`	Manage > Triggers
`admin.user`	Manage > Users	Independent from this permission, agents can create and edit customers, but they can’t modify permission etc. 🏴‍☠️ This permission allows users to hijack other user sessions .