Shared Organizations

Operations workflow page for Zendesk shared organizations

By default, organizations are setup so that the users within it can only see and comment on their own tickets. This security measure often doesn’t work for some organizations though.

Because of that, we have the ability to setup Shared Organizations, a term meaning the users in an organization have heightened permissions and can do see and/or comment on tickets that are not theirs.

Pre-checks

Note

There is a security and legal component to this feature. As such, you must ensure all pre-checks are done every single time. When in doubt, get a Fullstack Engineer to review the situaiton.

Before we can proceed to enable a shared organization, three criteria must be met:

The requester has confirmed which type of shared organization is desired
The requester, on behalf of their organization, has approved the inherent security risk shared organizations present
There is not an organization note/detail stating we will not enable a shared organization for them

If any of those criteria have not been met, we cannot proceed.

If all of those criteria are met, make sure to update the ticket metadata to indicate all of that.

Enabling a shared organization

To enable a shared organization:

Navigate to the organization
Click the text next to Users at the top-left
Select Can view all org tickets
On the drop-down below, select the correct option depending on the type they requested
Add a new item in the Details field containing the following:

Shared organization (TYPE) enabled DATE as per TICKET
- Replace TYPE with either read only or read+write
- Replace DATE with today’s ISO formatted date (YYYY-MM-DD)
- Replace TICKET with the ticket’s URL
Add a public comment on the ticket confirming it has been enabled
Mark the ticket as Solved

Disabling a shared organization

To disable a shared organization:

Navigate to the organization
Click the text next to Users at the top-left
Select Can view own tickets only
Add a new item in the Details field containing the following:

Shared organization disabled DATE as per TICKET
- Replace DATE with today’s ISO formatted date (YYYY-MM-DD)
- Replace TICKET with the ticket’s URL
Add a public comment on the ticket confirming it has been disabled
Mark the ticket as Solved

Last modified April 3, 2025: Migrating support readiness handbook to security (9196a840)

View page source - Edit this page - please contribute.