Groups, access rights

DaoDesk is a modular solution, thanks to which flexible possibilities of regulating user rights are realized. Each user of the system, regardless of whether it is an employee or a client, is bound to its own group. Each group can be assigned rights and accesses when working with DaoDesk. For example, administrators can have the widest set of rights, supervisors will have full rights to work with requests, reports and analytics, first line employees will have access only to requests, and the content department will have access to editing the knowledge base.

 

1. Group Management

2. Advanced settings

3. Access to departments

 

Group Management

 

Groups are used to manage permissions. To edit them, go from Management to the “Groups, permissions” section:

 

By default, there are two user types in the system:

  1. End user, can only view their requests;
  2. Agent, can view all client requests depending on department accesses, as well as leave and read comments.

 

Please note, when calculating the cost of using the service, we only take into account the Employee type. In other words, an Administrator with the Employee access type is included in the total bill. When calculating the number of employees in the system, rely on their access type.

In the Groups, user rights section you can do it by paying attention to two columns: Type and Number of users.

And three groups are created:

  1. End user;
  2. Administrator (access type - employee);
  3. Employee;

If necessary, you can create new ones.

The “Login access” parameter allows you to prohibit each group from logging into the system. For example, if you uncheck this option for the Client group, users with the Client access type will no longer be able to authorize in the system.

 

To edit group rights, click on the pencil in the “Edit” column and then go to the necessary block.

 

Advanced settings

 

The Advanced Settings block is hidden by default and includes the following settings:

 

  • Default Department - the department that will be selected when a request is created by a user of the group.
  • Default reply's template category - gives the ability to select a specific section of the Knowledge Base in order to speed up the template search for the user.
  • Search in Public Departments - users can search for an application and view it in the Departments that are public to them. You can set public Departments for the selected user group in the next block “Access to Departments”.
  • Observer mode - a user of the group cannot be assigned as an executor in the request.
  • Show the agent only their own requests - restricts an employee to work only with the requests that he/she has created himself/herself and that have been assigned to him/her.
  • Two-factor authentication - allows you to enable two-factor authentication for a group to log in the system.
  • Access via API - allows you to restrict API access to a group of users.
  • IP limit - if you create a list of IP addresses, then users in the group will be able to authorize in the system only if their IP address is in the list. The value should be entered separated by commas. You can use subnet masks.
     

Department accesses


The “Department Accesses” block gives access to Department requests for the selected user group:

 

Note that when you update accesses by department, current users of the group will keep their accesses the same, and the exposed accesses will be displayed by default just for new users of the group.

And if you want to update departmental permissions for all current members of the group, click the “Update rights to” button:

 

The user will be able to see all requests of the marked Department, provided that he/she is also an employee of this Department (the selected departments in his/her user card are responsible for this):
 

 

For example, if an employee has access to the “2nd Line Support” department in the group settings, but does not have such access in his contact card, he will not be able to view requests from this department.

 

If you select “Public Departments”, an employee from the group gets an opportunity to create or transfer a request to a department that is public for him/her, as well as to access (view) it afterwards. But he/she does not have access to other requests of the Public Department. For example, if an employee has access to the “2nd Line Support” department in the group settings, but does not have such access in his contact card, he will not be able to view the requests of this department.

 

If you select “Public Departments”, an employee from the group gets an opportunity to create or transfer a request to a department that is public for him/her, as well as to access (view) it afterwards. But he/she does not have access to other requests of the Public Department. 

© 2025, DaoDesk