Agent Permissions

Note

The permissions listed on this page grant access to features that have to be enabled or configured system-wide in the Admin Panel first.

Agent permissions in the New Role dialog

Agent permissions are shown in the middle of the New Role dialog…

Sidebar tabs: Overviews, Knowledge Base, Customer Chat, Phone

…and give users access to new sidebar tabs for communicating with customers.

x

chat.agent

💬 Customer Chat

Hint

🤓 Requires configuration of Chat Channel

cti.agent

Provides access to 📞 Caller Log

Hint

🤓 Requires configuration of either integrations

knowledge_base

📕 Knowledge Base

knowledge_base.editor

create/edit privileges

Hint

Editor permissions always include reader permissions.

knowledge_base.reader

read privileges for internal content

Hint

Public articles are always visible.

Tip

Zammad supports granular permissions on knowledge base categories.

This function allows agents with editor permissions to restrict specific internal categories & answers to chosen roles.

In order to allow your agents to set granular role permissions, the roles in question require at least reader permission for the knowledge base.

Danger

Keep in mind that this may be dangerous, as reader permission provides access to internal answers!

report

📈 Reporting

Warning

🙅 Never grant this permission to your customers.

Giving customers access to reporting constitutes a serious data breach, as it includes all ticket and user information across the entire system!

Note

This permission is the exception to the rule on this page:

  1. the feature it enables is not for communicating with customers;

  2. the button appears at the bottom of the sidebar; and

  3. it is typically reserved for admins and supervisors.

ticket.agent

🗒️ (Agent) Overviews

Note

🤔 What’s this table doing here under the permissions tree?

Group permission table in Edit Role dialog

The group permission table is shown when there is more than one active group in the system and ticket.agent permission is selected.

Okay, so remember when we said that “roles are just collections of permissions”? That wasn’t entirely true—they can also be collections of group permissions.

To learn more, see Group Permissions.

Hint

🤓 Point of technicality

You can assign both agent and customer roles to the same user — but you can’t assign both ticket.agent and ticket.customer permissions to the same role!

To make it work, you need two separate roles: one with ticket.agent and the other with ticket.customer.