Note
📁 Permissions are namespaced, which is sort of like having files inside of folders.
The permissions listed on this page all belong to the admin namespace. You can select them individually, or you can just select admin to enable the whole bunch.
admin.apiadmin.brandingSettings > Branding </settings/branding>admin.calendarManage > Calendars </manage/calendars>(required for/manage/slas)admin.channel_chatChannels > Chat </channels/chat>
Hint
🤓 Trying to grant access to send messages in live chats?
Use
chat.agentinstead.
admin.channel_emailChannels > Email </channels/email/index>
Note
There is no specific permission for the Google channel yet. This is an open feature request.
admin.channel_facebookChannels > Facebook </channels/facebook>
Hint
🤓 Trying to grant access to view/update tickets from Facebook?
That’s in
/manage/groups/access-levels.
admin.channel_formularChannels > Form </channels/form>admin.channel_smsChannels > SMS
admin.channel_telegramChannels > Telegram </channels/telegram>
Hint
🤓 Trying to grant access to view/update tickets from Telegram?
That’s in
/manage/groups/access-levels.
admin.channel_twitterChannels > Twitter </channels/twitter>
Hint
🤓 Trying to grant access to view/update tickets from Twitter?
That’s in
/manage/groups/access-levels.
admin.channel_webChannels > Web </channels/web>admin.core_workflowsSystem > Core Workflows </system/core-workflows>admin.data_privacySystem > Data Privacy </system/data-privacy>
Danger
🔥 This permission allows users to permanently delete data on the system. Proceed with caution!
admin.groupManage > Groups </manage/groups/index>admin.integrationSystem > Integrations </system/integrations>admin.knowledge_baseManage > Knowledge Base </manage/knowledge-base>
Hint
🤓 Trying to grant access to read/edit knowledge base articles?
Use
knowledge_base.readerandknowledge_base.editorinstead, and double-check the answer’s visibility.
admin.macroManage > Macros </manage/macros>
Note
In some cases, macros may also require
admin.tag.
admin.maintenanceSystem > Maintenance </system/maintenance>admin.monitoringSystem > Monitoring </system/monitoring>admin.objectSystem > Objects </system/objects>admin.organizationManage > Organizations </manage/organizations>
Note
Agents can access existing organizations from the search bar, even without this permission. They can even edit an organization’s name, domain, and notes!
admin.overviewManage > Overviews</manage/overviews>admin.packageSystem > Packages </system/packages>admin.report_profileManage > Report Profiles </manage/report-profiles>
Hint
🤓 Trying to grant access to view reports?
Use
reportinstead.
admin.roleManage > Roles </manage/roles/index>. 🧐admin.schedulerManage > Scheduler </manage/scheduler>for automation on ticketsadmin.securitySettings > Security </settings/security>settings of Zammad This also covers third party authentications.admin.sessionSystem > Sessions </system/sessions>admin.setting_systemSettings > System </settings/system/index>of Zammadadmin.slaManage > SLAs </manage/slas>admin.tagManage > Tags </manage/tags>admin.text_moduleManage > Text Modules </manage/text-modules>admin.ticketSettings > Tickets </settings/ticket>(does not grant access to/misc/composer)admin.time_accountingManage > Time Accounting </manage/time-accounting>
Hint
This permission may be useful for accounting personnel if they need to be able to export timekeeping records.
admin.translationSystem > Translations </system/translations>(also enables inline translation)admin.triggerManage > Triggers </manage/trigger>admin.userManage > Users </manage/users/index>
Note
🤔 I thought agents could already manage user accounts?
Agents can create and edit customers, but they can’t:
- modify anyone’s permissions (roles or groups)
- modify anyone’s passwords
- edit other agents’ accounts
Danger
🏴☠️ This permission allows users to hijack other user sessions.
To learn more, see
Taking over a user’s session <view-from-users-perspective>.