Ticket visibility in the Client Portal is controlled through a combination of global security role permissions and application-level settings. By default, users can only view tickets in the Client Portal where they are listed as the requestor or creator. However, organizations often need to grant broader visibility to support roles such as administrative assistants, department managers, and collaborative team members.
This article explains how to configure three types of extended ticket visibility:
Each visibility type requires specific configuration in both global security roles and ticketing application settings. All permission layers must align for users to view tickets - having a global permission alone won't grant access if the application-level setting blocks it, and vice versa.
Ticket visibility in the Client Portal operates through multiple permission layers that work together:
- Global Security Role Permissions - Controls baseline capabilities across all ticketing applications (e.g., "View all requests belonging to assigned accts/depts")
- Application-Level Settings - Determines whether specific ticketing applications honor the global permissions
- Relationship-Based Access - Grants visibility based on the user's relationship to the ticket (requestor, creator, contact)
All three layers must align for a user to view a ticket in the Client Portal. For example, having the global permission to view tickets from assigned accounts/departments won't grant access if the application-level setting blocks it.
Only Global Administrators with the Edit BE Administrators admin permission can grant or modify permissions on global security roles in TDAdmin.
The global security role permission View all requests belonging to assigned accts/depts allows users to view all tickets where the ticket's Account/Department matches one of the user's assigned Accounts/Departments. This works across all ticketing applications where the application-level setting allows it.
Important: Users must have Accounts/Departments assigned to their profile for this permission to grant any access. Without assigned Accts/Depts, this permission has no effect.
This permission is typically granted to a limited group of users, such as administrative assistants, security officers, or managers, rather than being enabled broadly across the organization.
To configure the security role permission:
- In TDAdmin, navigate to Users & Roles > Security Roles
- Select the specific role where you want to enable this permission
- Check “View all requests belonging to assigned accts/depts”
- Click Save
You can override this permission in specific ticketing applications by enabling the application-level option "Allow users in associated accounts/departments with the appropriate permission to view tickets in the Client Portal." When disabled, this prevents the application's tickets from being visible to users, even if they have the global permission.
To enable this setting:
- Navigate to the Settings page:
- Global Admins: TDAdmin > Applications > [Ticketing Application] > Settings
- Ticketing app admins: Work Management > Ticketing Application > Gear Icon > Admin > Settings
- Under Client Portal Visibility Settings, check the box for “Allow users in associated accounts/departments with the appropriate permission to view tickets in the Client Portal”
- Click Save
Tip: Use the application-level override when you have a sensitive ticketing application (such as HR or Security) where you don't want the global permission to apply, even for users who have it enabled in their security role.
The application-level setting Allow requestors/creators to view tickets in the Client Portal determines whether requestors and creators can automatically view any tickets they create or are listed as the requestor on.
To enable this setting:
- Navigate to the Ticketing application Settings page:
- Global Admins: TDAdmin > Applications > [Ticketing Application] > Settings
- Ticketing app admins: Work Management > Ticketing Application > Gear Icon > Admin > Settings
- Under Client Portal Visibility Settings, check the box for “Allow requestors/creators to view tickets in the Client Portal”
- Click Save
Being a contact on a ticket does not automatically grant a user viewing access. However, enabling the application-level setting "Allow ticket contacts to view tickets in Client Portal" allows any user added as a contact to view and comment on that ticket in the Client Portal.
Note: Enabling "Allow ticket contacts to view tickets in Client Portal" in combination with "Automatically add users as a contact when they update or comment" can significantly expand ticket visibility. Any technician who comments internally can view the ticket in the Client Portal.
To enable this setting:
- Navigate to the Ticketing application Settings page:
- Global Admins: TDAdmin > Applications > [Ticketing Application] > Settings
- Ticketing app admins: Work Management > Ticketing Application > Gear Icon > Admin > Settings
- Under Client Portal Visibility Settings, check the box for “Allow ticket contacts to view tickets in Client Portal”
- Click Save
When enabling this setting, also consider the related setting Automatically add users as a contact when they update or comment on a ticket is located on the same page in TDAdmin. When enabling this setting, consider whether you still want the system to automatically add contacts to tickets.
Viewing tickets as a contact:
In the Client Portal, users can click Services > Ticket Requests in the navigation to view all tickets they created or are listed as a requestor on. Ticket contacts can use the Include requests that I am listed as a contact on checkbox to view these additional tickets.
Example 1: Executive Assistant Scenario
Scenario: Chad is Amanda's (CEO) administrative assistant. Chad needs to submit and track service requests on Amanda's behalf.
Configuration:
- Chad's global security role includes "View all requests belonging to assigned accts/depts"
- Chad's user profile lists "Executive Office" as an assigned Acct/Dept
- Amanda's user profile has "Executive Office" as her primary Acct/Dept
- The ticketing application has "Allow users in associated accounts/departments..." enabled
Result: When Chad submits a ticket on Amanda's behalf, he can view and track it in the Client Portal because the ticket's Acct/Dept (Executive Office) matches one of his assigned Acct/Depts.
Example 2: Department Manager Oversight
Scenario: A Finance department manager needs to see all tickets submitted by their department members for oversight purposes.
Configuration:
- Manager's global security role includes "View all requests belonging to assigned accts/depts"
- Manager's user profile includes "Finance" as an assigned Acct/Dept
- All Finance staff have "Finance" as their Acct/Dept
- The ticketing application has "Allow users in associated accounts/departments..." enabled
Result: The manager can view all tickets with the Acct/Dept set to "Finance," even if they didn't create or request the ticket themselves.