Note
📁 Permissions are namespaced, which is sort of like having files inside of folders.
The permissions listed on this page all belong to the admin
namespace. You can select them individually, or you can just select admin
to enable the whole bunch.
admin.api
admin.branding
Settings > Branding </settings/branding>
admin.calendar
Manage > Calendars </manage/calendars>
(required for/manage/slas
)admin.channel_chat
Channels > Chat </channels/chat>
Hint
🤓 Trying to grant access to send messages in live chats?
Use
chat.agent
instead.
admin.channel_email
Channels > Email </channels/email/index>
Note
There is no specific permission for the Google channel yet. This is an open feature request.
admin.channel_facebook
Channels > Facebook </channels/facebook>
Hint
🤓 Trying to grant access to view/update tickets from Facebook?
That’s in
/manage/groups/access-levels
.
admin.channel_formular
Channels > Form </channels/form>
admin.channel_sms
Channels > SMS
admin.channel_telegram
Channels > Telegram </channels/telegram>
Hint
🤓 Trying to grant access to view/update tickets from Telegram?
That’s in
/manage/groups/access-levels
.
admin.channel_twitter
Channels > Twitter </channels/twitter>
Hint
🤓 Trying to grant access to view/update tickets from Twitter?
That’s in
/manage/groups/access-levels
.
admin.channel_web
Channels > Web </channels/web>
admin.core_workflows
System > Core Workflows </system/core-workflows>
admin.data_privacy
System > Data Privacy </system/data-privacy>
Danger
🔥 This permission allows users to permanently delete data on the system. Proceed with caution!
admin.group
Manage > Groups </manage/groups/index>
admin.integration
System > Integrations </system/integrations>
admin.knowledge_base
Manage > Knowledge Base </manage/knowledge-base>
Hint
🤓 Trying to grant access to read/edit knowledge base articles?
Use
knowledge_base.reader
andknowledge_base.editor
instead, and double-check the answer’s visibility.
admin.macro
Manage > Macros </manage/macros>
Note
In some cases, macros may also require
admin.tag
.
admin.maintenance
System > Maintenance </system/maintenance>
admin.monitoring
System > Monitoring </system/monitoring>
admin.object
System > Objects </system/objects>
admin.organization
Manage > Organizations </manage/organizations>
Note
Agents can access existing organizations from the search bar, even without this permission. They can even edit an organization’s name, domain, and notes!
admin.overview
Manage > Overviews</manage/overviews>
admin.package
System > Packages </system/packages>
admin.report_profile
Manage > Report Profiles </manage/report-profiles>
Hint
🤓 Trying to grant access to view reports?
Use
report
instead.
admin.role
Manage > Roles </manage/roles/index>
. 🧐admin.scheduler
Manage > Scheduler </manage/scheduler>
for automation on ticketsadmin.security
Settings > Security </settings/security>
settings of Zammad This also covers third party authentications.admin.session
System > Sessions </system/sessions>
admin.setting_system
Settings > System </settings/system/index>
of Zammadadmin.sla
Manage > SLAs </manage/slas>
admin.tag
Manage > Tags </manage/tags>
admin.text_module
Manage > Text Modules </manage/text-modules>
admin.ticket
Settings > Tickets </settings/ticket>
(does not grant access to/misc/composer
)admin.time_accounting
Manage > Time Accounting </manage/time-accounting>
Hint
This permission may be useful for accounting personnel if they need to be able to export timekeeping records.
admin.translation
System > Translations </system/translations>
(also enables inline translation)admin.trigger
Manage > Triggers </manage/trigger>
admin.user
Manage > Users </manage/users/index>
Note
🤔 I thought agents could already manage user accounts?
Agents can create and edit customers, but they can’t:
- modify anyone’s permissions (roles or groups)
- modify anyone’s passwords
- edit other agents’ accounts
Danger
🏴☠️ This permission allows users to hijack other user sessions.
To learn more, see
Taking over a user’s session <view-from-users-perspective>
.