Admin Permissions

Note

📁 Permissions are namespaced, which is sort of like having files inside of folders.

The permissions listed on this page all belong to the admin namespace. You can select them individually, or you can just select admin to enable the whole bunch.

Admin permissions in the New Role dialog

Admin permissions are shown at the top of the New Role dialog…

Screenshot showing admin settings within Zammad.

…and give users access to the pages of the Admin Panel.

Please be aware that these permissions only grant access to the settings/configuration in Zammad. If you want to grant agents access to tickets, see agent permissions and group permissions

Permission name

Give access to

Note

admin.api

System > API

admin.branding

Settings > Branding

admin.calendar

Manage > Calendars

Required for SLAs

admin.channel_chat

Channels > Chat

Accessing chat for agents: chat.agent

admin.checklist

Manage > Checklist

admin.channel_email

Channels > Email

admin.channel_facebook

Channels > Facebook

Accessing Facebook tickets for agents: Group Permissions

admin.channel_formular

Channels > Form

admin.channel_google

Channels > Google

admin.channel_microsoft365

Channels > Microsoft 365

admin.channel_sms

Channels > SMS

admin.channel_telegram

Channels > Telegram

Accessing Telegram tickets for agents: Group Permissions

admin.channel_twitter

Channels > Twitter

Accessing Twitter/X tickets for agents: Group Permissions

admin.channel_web

Channels > Web

admin.channel_whatsapp

Channels > Whatsapp

admin.core_workflows

System > Core Workflows

admin.data_privacy

System > Data Privacy

🔥 Be careful, it allows users to permanently delete data on the system.

admin.group

Manage > Groups

admin.integration

System > Integrations

admin.knowledge_base

Manage > Knowledge Base

Accessing knowledge base to read/edit articles: knowledge_base.reader
and knowledge_base.editor
Make sure to double-check the answer’s visibility.

admin.macro

Manage > Macros

In some cases, macros may also require admin.tag

admin.maintenance

System > Maintenance

admin.monitoring

System > Monitoring

admin.object

System > Objects

admin.organization

Manage > Organizations

Agents can access existing organizations
from the search bar, even without this permission.
They can even edit an organization’s name, domain, and notes!

admin.overview

Manage > Overviews

admin.public_links

Manage > Public Links

admin.package

System > Packages

admin.report_profile

Manage > Report Profiles

Access to view reports: report

admin.role

Manage > Roles

admin.scheduler

Manage > Scheduler

For automation on tickets

admin.security

Settings > Security

Settings of Zammad. This also covers third party authentications.

admin.session

System > Sessions

admin.setting_system

Settings > System

admin.sla

Manage > SLAs

admin.system_report

System > System Report

admin.tag

Manage > Tags

admin.template

Manage > Templates

admin.text_module

Manage > Text Modules

admin.ticket

Settings > Tickets

Does not grant access to Composer Settings

admin.ticket_auto_assignment

Settings > Ticket > Auto Assignment

admin.ticket_duplicate_detection

Settings > Ticket > Duplicate Detection

admin.ticket_priority

System > Objects >Ticket Priority

admin.ticket_state

System > Objects >Ticket State

admin.time_accounting

Manage > Time Accounting

Also allows the export of timekeeping records.

admin.translation

System > Translations

Also enables inline translation

admin.trigger

Manage > Triggers

admin.user

Manage > Users

Independent from this permission, agents can create and edit
customers, but they can’t modify permission etc.
🏴‍☠️ This permission allows users to hijack other user sessions .

admin.webhook

Manage > Webhook