Skip to main content

Usergroup permissions

CRM and usergroups

Usergroups determine what permissions users have. Usergroup membership grants user permissions, much like belonging to an agent permission group does for agents. Unlike with agents, there is no way to set permissions for an individual user.

Users can belong to multiple usergroups, and, as with agent permissions, the effect is additive; a user has all permissions that are granted by any of their usergroups.

You can edit usergroups from CRM > User Groups.


Everyone usergroup

You may want users who aren’t logged in (guests) to be able to access some portal content. There is a special Everyone usergroup which grants permissions to guests. All the permissions you grant to Everyone will be available to every other usergroup.

If you don’t want guests to be able to do anything on your helpdesk (not even browse portal content such as the Knowledgebase), you can disable the Everyone group in CRM > Auth & SSO > Deskpro.


Registered usergroup

The special Registered usergroup grants permissions to all registered users. Every usergroup (apart from Everyone) will have the permissions you grant to Registered.

Another way to think about this is that Registered inherits all the permissions from Everyone, and your custom groups inherit all permissions from Registered.

You can grant extra permissions on top of inherited permissions, but you can’t take permissions away. For example, suppose you want to make a “Basic Users” usergroup which can’t access chat. You must remove chat access from Everyone and Registered, and make sure that users in “Basic Users” aren’t members of other usergroups which grant chat access.

Permissions that are inherited are marked with a padlock, to indicate that they can’t be changed.

You can change how users register, or disable registration and require all user accounts to be created by an agent. See User registration for details.

Portal access and usergroups

For each portal section, you can enable/disable access for the usergroup entirely.

This is different from using the Portal Editor to enable/disable sections altogether. If you disable access to a portal section for the Everyone usergroup, it won’t be seen by any users, but it will still be visible to agents.

For each section, you can enable/disable a usergroup’s ability to rate content and submit content visible to other users, such as comments and feedback items.

For permissions that involve user-visible content, you can also choose whether or not to require agent validation. This means that agents have to approve content to check it is not abusive, spam etc.

Incoming comments and feedback in need of approval will be shown under Comments to Review and Feedback in the agent interface:


User permission details

The user permission settings available are:


  • Can use tickets (disabling this means the user can’t see the Contact Us section)
  • Can re-open resolved tickets

Enabling the “Can re-open resolved tickets” setting means that users can re-open a resolved ticket in the Contact Us section of the user portal, and by replying to an email about the ticket.

If re-opening tickets is enabled, users will see this option on the portal:


If you disable the option, you must select how your helpdesk deals with emails about resolved tickets:


You can choose whether the helpdesk will reject the message and inform the user with an automatic email response, or accept it as a new ticket.


  • Can use chat (disabling this means the user can’t see chat widgets)


  • Can use feedback (disabling this means the user can’t see the Feedback section)
  • Can submit new feedback
    • Do not require agent validation - this means feedback items from these users don’t need to be approved from ‘Feedback to Validate’
  • Can vote on feedback
  • Submit comments on feedback
    • Do not require agent validation - this means comments from these users don’t need to be approved from ‘Comments to Review’


  • Can use knowledgebase (disabling this means the user can’t see the Knowledgebase section)
  • Can rate articles
  • Submit comments on articles
    • Do not require agent validation


  • Can use downloads
  • Can rate downloads
  • Submit comments on downloads
    • Do not require agent validation


  • News
  • Can rate news posts
  • Submit comments on news posts
    • Do not require agent validation

Users with the Do not require agent validation permission can post comments in the relevant portal section and have them go live immediately, without agent approval via the Publish/Feedback apps.

Action rate limiting

Deskpro also limits the number of interface actions that users can attempt in a certain period of time using CAPTCHAs. See the Anti-Abuse Options chapter for details.

Authors list

First published: 23/03/2017

Last updated: Jun 15, 2020 by Grace Howlett