Users can be managed individually via UI, via API or even synchronized with third-party directory services.

Zammad creates a user for everyone who communicates with the system. That means even customers get their own accounts, even if they don’t use it to log in to Zammad.

Creating and editing users directly in the Admin Panel

The simplest way to manage users is directly in the Admin Panel.

Learn more about managing users…

Reference Guide: User Details

Most of the attributes you can set on user accounts are self-explanatory. The ones that aren’t are described below.

The edit user dialog, showing the various user detail fields

User details can be set in the New/Edit User dialog.


🕵️ Admins aren’t the only ones who can change these settings.

In most cases, agents can, too (using the new ticket dialog, search bar or the ticket pane).

👤 Login

A user’s email and login may differ, but either one can be used to sign in.

The user overview, showing logins in the first column

User logins are not shown in the New/Edit User dialog, but they are visible from the user overview.

This attribute cannot be set via the Admin Panel. Instead, use the Zammad console, the REST API, or CSV import.

🔑 Password

Yes, administrators really do have the power to change other users’ passwords.

(Agents do not, though.)

🏢 Organization

Organizations are a way to group customers together (usually, members of the same company). This allows you to do things like view all tickets for that company or set up special Triggers that fire only for those customers.

Please note that the organization has to exist before it can be assigned. To add one, go to Manage > Organizations in the Admin Panel.

🏤 Secondary Organizations

This option allows you to assign more organizations, in addition to the user’s primary organization.

Secondary organizations behave the same like the primary ones with one exception: Secondaries are not as highlighted like their primaries.

Listings for all organizational tickets are not affected by this. Zammad will mix primary and secondary organization tickets together.


While the number of secondary organizations is not limited directly, you may want to keep this to a reasonable number of organizations.

30-40 organizations at maximum should be good enough.


This flag is a way for your team to indicate high-status customers. Just as with organizations, you can set up special Triggers, Scheduler jobs, SLAs, and Overviews just for VIPs.

Ticket view showing a VIP user's avatar with a crown on it

VIPs are displayed with a crown above their avatars.

📑 Note

Notes are visible to all staff members, including agents.


😵 Are you using the Note field to keep track of your own “custom” user attributes?

Wish you could add your own fields to the New/Edit User dialog?

You can! To learn more, see Objects.

▶️ Active

Disabling this flag is a soft alternative to deleting a user. So what’s the difference?

  1. There is no way to restore a deleted user; inactive users can be reactivated at any time.

  2. When a user is deleted, all their associated tickets are lost, as well; deactivating a user keeps all associated tickets intact.

  3. Inactive users still appear in search results:

    An inactive user displayed in a customer search list

    A slashed-out 👤 icon indicates an inactive user. In other cases, inactive users are grayed out.


The Roles define what users can do in the system. If you need to grant someone privileges to edit the knowledge base or access part of the admin panel, roles are the answer.

Group Permissions

The Group Permissions define which tickets an agent can work with. If an agent is not receiving notifications for incoming tickets or can’t be assigned to a ticket, you should have a look on the group permissions. Please note that the visibility of the group permission table depends on the role selection. It only shows up, if the selected role has the ticket.agent permission and when there is more than one active group in the system.

Permissions in the edit user dialog

Top: User’s roles decide what kind of actions they can perform and which groups they belong to. Bottom: Group assignments can alternately be set on a per-user basis.