Limiting Team Permissions in HelpSpot
In working with hundreds of different organizations implementing HelpSpot I have noticed that many organizations begin by implementing HelpSpot with one department but then quickly find uses for HelpSpot with other departments as well. HelpSpot's tiered pricing makes this process pretty painless in many cases. Often though, departments need to keep their requests separate both for privacy reasons and to keep operations and request organization clear.
HelpSpot provides a permissions system that makes this possible. In this article we'll walk through the steps to set up two separate departments in the same HelpSpot instance. For our example we'll assume that we are rolling HelpSpot out to an HR department and an IT department. This process will involve three steps, setting up the permission group, setting up categories, and configuring staff profiles.
Understanding HelpSpot Permissions
Before we dive into each task it would be good to cover a little bit of how HelpSpot permissions and request organization work. We are going to be working with three basic objects Staff, Categories and Permission Groups.
Staff can be assigned one or more categories that they can work with. Categories are also given to every request. So this relationship matches staff with the requests they should work with.
Staff can be assigned one permission group. The permission group is not related to any individual request. Instead, permission groups control access to various actions and area inside of HelpSpot. The diagram below helps explain how permission groups and category assignments work together to control user activity in HelpSpot.
Setting Up The Permission Group
The first thing that we need to do is configure a permission group to only allow individuals to view request in categories that they are assigned. We'll navigate to Admin → Organize → Permission Groups. Once here, we can create a new permission group called "limited staff". Most of the preferences can be configured based on your needs.
The setting that we need to focus on for this new permission group is "Limit to Assigned Categories Only". With this setting enable the users in this permission group can only see requests in the same categories they are in. Next up we'll create a category for each of our departments.
Setting up Categories
Now that we have our permission group ready we need to add categories for each of our departments. We'll navigate to Admin → Categories and create one category called IT and one called HR. While setting up each category we also have the option to add staff members to the category. You can do this from the category screen or wait till we start modifying the staff profiles.
Configuring Staff Profiles
Next, we'll navigate to Admin → Staff and start working on setting up our staff appropriately. We can complete the needed steps either by editing existing staff or adding new staff members as needed. For out purposes there are two settings we need to set up. First we need to assign the staff members to the "Limited Staff" permission group.
Next, we need to select the appropriate category for the staff member if this wasn't done in the previous step. These two settings will effectively limit the staff member to only be able to work requests that are categorized for their department. As noted earlier, you can add a staff member to one or more categories.
After these settings are configured you are ready to start using HelpSpot with segmented permissions. There are a few other items you may want to consider. You may want to set up auto assignment rules to auto assign request to an appropriate category based on the mailbox or portal that a request is received through. For example emails coming to firstname.lastname@example.org can be configured in Admin → Email Mailboxes to automatically receive the category of "HR". The reason this is important is because the staff members in the "Limited Permissions" group won't be able to view uncategorized requests.
I also want to note before ending this article that you may want to set up multiple permission groups for different teams or departments. The rational behind this is that filters and responses can be shared with permission groups. So if you plan on sharing these items with a specific department, having a permission group for each department may be beneficial.