Content last updated 2025-12-26

End-users

Documentation on Zendesk end-users

This guide covers how to create, edit, and manage Zendesk end-users at GitLab. It also covers the end-user settings in Zendesk. Administrators should review the Administrator tasks section.

Technical Details

Deployment type: Ad-hoc

Understanding end-users

What are end-users

End-users are the classification of Zendesk user that is below an agent. They are able to access the publicly visible support portals, submit tickets, etc. They are not able to access the agent or backend of Zendesk.

How we manage end-users

Zendesk Global: End-users are managed manually in Zendesk
Zendesk US Government: End-users are automatically synced via the Zendesk-Salesforce Sync

User notes

User notes and details are two separate text fields on user profiles that store custom information:

Notes: Internal information visible only to agents
Details: Additional context about the user

Both fields are automatically posted as internal notes on new tickets via Zendesk triggers.

Requesting a user note update as a non-admin

If you need a user note added, modified, or deleted, please create a Feature Request issue (as it will require manual intervention by the Customer Support Operations team).

Requesting the ban of an end-user as a non-admin

If you need an end-user banned, please post in the #support_operations Slack channel indicating you need a user banned. A member of the Customer Support Operations team will reach out to you (via Direct Message) to work with you on the matter.

Current system end-user settings

The following settings control how end-users can register, authenticate, and interact with the support portal. These settings are documented here for reference and should rarely be changed.

For Zendesk Global

Anybody can submit tickets
- Enabled
  - Require authentication for request and uploads APIs.
  - Ask users to register
  - User registration message
    
    Please fill out this form, and we’ll send you a welcome email to verify your email address and log you in.
- Allowlist
  
  gitlab@gitlab.com google.com
- Blocklist: View directly in Zendesk admin panel - contains sensitive data
Account emails
- Include a list of active Help Centers in account emails
- User welcome email text:
  
  Welcome to GitLab Support. Please click the link below to create a password and login.
- Also send a welcome email when a new user is created by an agent or administrator.
- Email verification email text
  
  We need to verify that you are the owner of this email address. Please follow the link below to verify.
Allow users to view and edit their profile data
- Enabled
Allow users to change their password
- Enabled
Validate user phone numbers
- Enabled
Tags on users and organizations
- Enabled
Allow users to belong to multiple organizations
- Enabled

For Zendesk US Government

Anybody can submit tickets
- Enabled
  - Require authentication for request and uploads APIs.
  - Ask users to register
  - User registration message
    
    Please fill out this form, and we’ll send you a welcome email so you can verify your email address and sign in.
- Allowlist
  
  gitlab@gitlab.com google.com
- Blocklist: View directly in Zendesk admin panel - contains sensitive data
Account emails
- Include a list of active Help Centers in account emails
- User welcome email text:
  
  Welcome to GitLab Federal Support. Please click the link below to create a password and sign-in.
- Also send a welcome email when a new user is created by an agent or administrator.
- Email verification email text
  
  We need to verify that you are the owner of this email address. Please follow the link below to verify.
Allow users to view and edit their profile data
- Enabled
Allow users to change their password
- Enabled
Validate user phone numbers
- Enabled
Tags on users and organizations
- Enabled
Allow users to belong to multiple organizations
- Enabled

Administrator tasks

Note

All sections in this section require Administrator level access to Zendesk.

Creating an end-user

Warning

It is exceedingly rare you will need to do this manually. Consider the reason you are doing this carefully and review all documentation to determine if an alternative process should be used.
We do not alter the Access setting of end-users (i.e. the ability to view more than their own tickets). If end-users want to see organization tickets, they need to use a Shared Organization setup.

To create an end-user in Zendesk:

Hover over + Add at the top-left of the page (when not on the admin panel)
Click User
Fill out the Name
Fill out the Email
Ensure the User type is that of End user
Click Add

Editing an end-user

Warning

For information on organization association, please see our Organization association documentation.

By default, we do not edit end-users. We instead encourage them to do so using the support portal itself:

There are, however, very specific situations where we would edit an end-user.

Resending confirmation email

Warning

This can only be done on an unconfirmed email address. Once confirmed, we cannot resend a confirmation email to that address.

If a user needs the confirmation email resent on their unconfirmed end-user account (i.e. they havent confirmed an email address on their account), you can resend it by doing the following:

Navigate to the end-user’s page in Zendesk
Click the drop-down carrot next to the email address you need to re-send the confirmation email to
Click Resend verification email

Sending a password reset email

To send a password reset email to an end-user:

Navigate to the end-user’s page in Zendesk
Click the Security settings tab
Click the Reset link
Select the brand to use
- For Zendesk Global: GitLab Support
- For Zendesk US Government: GitLab
Click Reset password

Adding or removing a secondary email

Warning

This cannot be done if the email is in use on a different account

To add a secondary email to an end-user:

Navigate to the end-user’s page in Zendesk
Click + add contact on the left-side of the page (below the Primary email attribute)
Click Email
Type the secondary email address (and hit Enter/Return)

Setting a secondary email as the primary

To set a secondary email address as the primary email in Zendesk:

Navigate to the end-user’s page in Zendesk
Click the drop-down carrot next to the email address you want to make the primary
Click Make primary contact

Managing the user note

To modify a user note (or details) of an end-user:

Navigate to the end-user’s page in Zendesk
Click in the textarea you wish to modify (Notes or Details)
Change the text as needed
Click anywhere outside of the textarea

Suspending an end-user

To suspend a user:

Navigate to the end-user’s page in Zendesk
Click the drop-down carrot to the right of + New ticket on the user’s page
Click Suspend
Ensure the reason is Other reason
Ensure the Additional comment is blank
Click Suspend user

Deleting an end-user

End-user deletions occur, primarily, from three different sources.

By end-user request

This occurs where an end-user files a ticket to us requesting their support portal account be deleted. The process for this is:

Send the macro Support::Support-Ops::Confirm Deletion to the end-user in the ticket
If the end-user replies confirming the deletion, then send the macro Support::Support-Ops::Deletion Forthcoming to the end-user in the ticket
Navigate to the end-user’s page in Zendesk
Click the drop-down carrot to the right of + New ticket on the user’s page
Click Delete
Click Confirm on the pop-up that appears

By data-privacy request

This occurs (via Transcend) when a user requests a data-privacy deletion. You should be pinged by the system to do so. You will check if the user exists in Zendesk first. If they do, then you should delete the end-user by doing the following:

Navigate to the end-user’s page in Zendesk
Click the drop-down carrot to the right of + New ticket on the user’s page
Click Delete
Click Confirm on the pop-up that appears

By scheduled deletion

For more information on user deletion, please see the documentation on Automated user deletion.

Compliance level deletion

For more information on compliance level deletions, please see the documentation on Automated user deletion.

Banning an end-user

Danger

This is a serious matter that often needs to involve multiple teams. Confirm if the user needs to be banned from more than the support portal and work with the relevant teams (security, legal, fulfillment, billing, etc.) as needed.

In the event an end-user needs to be banned (due to various reasons, but especially due to misconduct), someone will post in the #support_operations channel about the matter.

Acknowledge the post and direct message the person to get more details.

Once you have all the details, you would then:

Close any non-closed tickets (if needed)

For Zendesk Global (replace TICKET_ID with the ticket’s ID and API_TOKEN with your API token):

curl -ss -X PUT https://gitlab.zendesk.com/api/v2/tickets/TICKET_ID \
  -H "Content-Type: application/json" \
  -d '{"ticket": {"status": "closed"}}' \
  -u support-ops@gitlab.com/token:API_TOKEN

For Zendesk US Government (replace TICKET_ID with the ticket’s ID and API_TOKEN with your API token):

curl -ss -X PUT https://gitlab-federal-support.zendesk.com/api/v2/tickets/TICKET_ID \
  -H "Content-Type: application/json" \
  -d '{"ticket": {"status": "closed"}}' \
  -u supportops@gitlab.com/token:API_TOKEN

Modify the end-user’s notes to add information on the ban (the statement they are being banned, the reason, who to speak to if more details are needed). Something along the lines of this works well:

This user has been banned from the support portal as of YYYY-MM-DD by request of TEAM_NAME team.

This was due to REASON.

If more details are needed, please reach out to the Customer Support Operations team via the #support_operations Slack channel.
- Replacing:
  - YYYY-MM-DD with the current date (in ISO format)
  - TEAM_NAME with the name of the team requesting the ban (ex: Support, Security, Legal, etc.)
  - REASON with the reason (if a relevant ticket is part of the reason, please ensure that is present in the message)
Suspend the user
Modifying system end-user settings, specifically by adding reject:EMAIL_ADDRESS to the Blocklist setting (replacing EMAIL_ADDRESS with the end-user’s email address).

After all that is done, confirm via the original request post the end-user has been banned.

Unbanning an end-user

This is very rare to occur and will likely require a very custom process. Please refer the situation to a Fullstack Engineer to get it looked into.

Modifying system end-user settings

Danger

Exercise extreme caution in doing this, as it can greatly impact the usability of the support portal.
This should only ever be done in two scenarios:
- Banning an end-user
- There is a corresponding request issue (Feature Request, Administrative, Bug, etc.)
Always ensure Current system end-user settings is updated on this page if you change the system end-user settings

To modify the system end-user settings:

Navigate to the admin dashboard for the Zendesk instance
Go to People > Configuration > End users
Make modifications to the settings you wish to change
Click Save tab at the bottom-right of the page

Common issues and troubleshooting

This is a living section that will have items added to it as needed.

Last modified February 12, 2026: Remove aliases from frontmatter (f895738e)

View page source - Edit this page - please contribute.