Note
📁 Permissions are namespaced, which is sort of like having files inside of folders.
The permissions listed on this page all belong to the user_preferences
namespace. You can select them individually, or you can just select user_preferences
to enable the whole bunch.
user_preferences.access_token
Generate API tokens to control Zammad via the REST API
Note
💡 Security Tip
Generated tokens will never have more permissions than the user that generated them.
user_preferences.avatar
Override the default Gravatar with a custom avatar
user_preferences.calendar
Configure the calendar feed
user_preferences.device
Manage device login sessions
Note
💡 Security Tip
Revoking this permission disables “Login detected from a new location” notification emails.
To learn more, see
/manage/trigger/system-notifications
.
user_preferences.language
Configure the UI locale/language
user_preferences.linked_accounts
Manually link accounts after signing in with
third-party authentication </settings/security/third-party>
Note
If
automatic account linking <automatic-account-linking>
fails, this is the only way your users can utilize third-party logins.user_preferences.notifications
Configure ticket notification settings
Note
Agents only receive ticket notifications for
groups they have “full” access to </manage/groups/access-levels>
.Customers can’t receive ticket notifications at all.
user_preferences.out_of_office
Designate a substitute for out-of-office hours
Note
💡 Security Tip
Designating a substitute does not grant that person the permissions /
group access levels </manage/groups/access-levels>
of the agent they’re replacing.
user_preferences.password
Change account password
Warning
🔑 Third-party authentication / LDAP users:
Be sure to revoke this permission for all your users. When using a third-party identity server (like LDAP), the whole point is to let it take care of authentication so that passwords never have to live in Zammad’s database.