Agent permissions can be used to control how your agents use the system and which areas they have access to.
Agent permissions are held under their settings. These can be set by roles (e.g. Standard User or Administrator), roles are used to determine agent permissions in bulk. There is a hierarchy to these permissions, with inherited permissions (those from a role) having a lower priority than those directly changed in the agent configuration:
Specifically, if an agent has "Read Only" access inherited from a role and you elevate that permission to a higher level of access, changing the role to "No Access" will not affect that agent's access.
Similarly if a role grants read only permission to customers for example but you wish to revoke their access, you will have to alter the role. You cannot lower their access below that of any role they hold.
Under Configuration > Teams and Agents > Agents and clicking on any given agent will take you to their settings. Head to the permissions tab.
The general permissions speak for themselves, indicating administrator status and whether they can edit their own preferences.
The feature permissions are for access to the global areas accessible in the left hand navigation pane. These directly relate to the modules you have enabled in the configuration.
The tickets permissions dictate how any given agent may interact Halo tickets:
Can add new Tickets - Able to add new tickets to their respective teams and areas
Can view Unassigned Tickets - For any team which the agent belongs they can view unassigned tickets.
Can view Tickets that are assigned to other Agents - Similarly can view tickets for other agents in their teams.
If this is denied, they can only see themselves in any of their teams.
Can change a Ticket's Ticket Type - For any tickets they can view, they can change the ticket type.
Can Re-assign Tickets - Similar to above and allows reassigning of tickets.
Can Edit Advanced Ticket Details - This allows the agent to view and edit ticket details/options normally restricted to administrators.
An example is 'Exclude from SLA' which will strip all SLA information from a ticket.
Editing of Actions - Allows the agent to edit their actions within tickets.
Can Edit All Actions - Allows the editing of actions by other agents.
Can Delete Tickets - As it describes.
The lower set of permissions relate to other areas of Halo.
Ticket type restrictions are the only ticket types accessible to the agent; if none are selected then all are accessible, similarly with the client restrictions.
The other permissions are self-explanatory, with password fields relating directly to the password type of field available in Halo. If this is set to not visible then any field with the data type 'Password' will not be visible to the agent.