You can set up Zendesk Support to allow anyone to see your Help Center or Web portal, sign up, and also submit support requests. This is referred to as an open Zendesk Support instance. You can also set up Zendesk Support so that only the users you add to it are able to use it; this is a closedZendesk Support instance. The third option you have for controlling end-user access is to set up Zendesk Support as restricted. This means that Zendesk Support is visible to all users, but only users with email addresses in domains that you approve are able to successfully register and submit support requests. All other users' requests are either sent to the Suspended Tickets queue or are completely rejected, depending on how you set up your Support instance.
This configuration allows you to restrict access to Zendesk Support, but still allows your users to request support without first having been added to Zendesk Support, as is the case with a closed instance. This configuration also allows you to use Feedback Tabs and Zendesk Chat, which you can't do in a closed Zendesk Support instance.
Enabling the 'Anyone can submit tickets' option
In a restricted Zendesk Support instance you enable the option to allow anyone to submit tickets and then use the whitelist and blacklist to accept or reject those requests.
To enable the 'Anyone can submit tickets' option
- Click the Admin icon () in the sidebar, then select Settings > Customers.
- Select the Anybody can submit tickets option.
- Optionally, in the User welcome email section, select the Also send a verification email when a new user is created by an agent or administrator option.
The next step is to decide if you want your users to register.
Requiring your users to register
When you enable the Anyone can submit tickets option, you can also require your users to register. Requiring registration means that your users must create an account in your Zendesk Support instance, verify their email address, and also create a password. The password is required if they want to log in your Help Center or Web portal to submit support requests, use the parts of your knowledge base that have been restricted to logged-in users only, or to track their support requests. Until their email has been verified, their support requests remain in limbo (in other words, not added to your views and agents cannot work on them). You want your users to verify their own email addresses so that you ensure they are who they say they are.
To require that your users register
- Select the Ask users to register option, which is displayed when you select the Anyone can submit tickets option.
If you don't require registration, your users still have the option of registering themselves. The Sign Up page link is still shown in your Help Center or Web portal. This just means that registration is optional and that the support requests you receive are immediately added to your Zendesk. Tickets are not held up waiting for the user to verify their email address and complete the registration process.
About new user email address verification and passwords
As mentioned above, if you do require your users to register, any support requests they submit are held in limbo until they have verified the email address they used to sign up. Unverified users are also unable to log in since they cannot create a password until they have verified their email address. The Also send a verification email when a new user is created by an agent or administrator option merely sends the same verification email that users receive when they sign themselves up for Zendesk Support. If you add users yourself and you require your users to register you'll probably want to enable this setting. The user will receive the verification email and then be prompted to verify their email address and choose a password so that their support requests are received in your Zendesk Support and they can log in to your Help Center or Web portal.
If you don't enable the Also send a verification email when a new user is created by an agent or administrator option, your users will not receive the verification email when added by agents or admins. How then will they be able to submit a support request or log in to your Help Center or Web portal? Unverified users who haven't received the verification email can initiate that process themselves by doing the following:
- Visiting your Help Center or Web portal and submitting a support request using the Submit a request link
- Sending an email support request to your support email address for the first time
These actions result in the verification email being sent to the user who can then verify their email address and create a password.
Several other options are available to agents and admins. Both can manually verify a user's email address. Of course doing this doesn't also create a password for the user, but if they don't need to log in to your Help Center or Web portal (if you're providing email only support for example) this allows them to submit tickets. Admins also have the option of setting a user's password. This is a password security setting and should be enabled only after you've considered the security implications. It's always best for only the user to create their own password.
Restricting access using the whitelist and blacklist
When you select the Anyone can submit tickets option a number of other options are displayed. In addition to the Require users to register option, you'll also see the Whitelist and Blacklist. You use these to specify the email domains that are either allowed to or prevented from registering and submitting support requests.
Any domains or email addresses you add to the blacklist are prevented from submitting tickets. Your blacklist also affects registration. If a user who has been blacklisted attempts to register using the Sign Up page, they receive this error message:
"Users with the email address firstname.lastname@example.org are not allowed to sign up for this help desk"
To restrict access using the whitelist and blacklist
- In the Whitelist field, add one or more email domains. These are the domains that you are allowing to register and submit tickets.
- In the Blacklist field, enter an asterisk (*) to block all other users. You can also enter specific email domains or email addresses.
Aside from the asterisk (*), which suspends email, you can use the following two keywords to build your rules:
- suspend - The suspend keyword explicitly declares that a specific domain or email address will be sent to the suspended tickets queue. This is identical to blacklisting the domain or email address without a keyword.
- reject - The reject keyword completely rejects the email, which means that it's not added to the suspended tickets queue.
All three keywords can be used together to define your rules.