Login
Support home

Resources

Community Video Library Agent Training

Products

Freshservice Freshdesk Freshchat Freshcaller Freshsales Freshteam Freshworks Neo Freshsurvey
Freshservice for MSP
Solution home Security and Policies Helpdesk Security

Restricting service desk access to certain domains

Modified on: Thu, 19 Mar, 2026 at 3:23 PM
Note: This feature works the same across all Freshservice products. Some screenshots or articles may reflect older designs, but the functionality remains unchanged. If certain options do not appear in your account, they may not be included in your current plan.


By default, Freshservice allows users from any email domain to sign up, log in, and create tickets. However, as an MSP, you may want to restrict access so that only authorized clients from specific domains can interact with your support portals.

Note: This functionality remains consistent across all Freshservice products. If certain options are missing from your view, please verify that they are included in your current subscription plan.

How to Configure Domain Restrictions

If you operate in MSP mode, follow these steps to manage which email domains are authorized to use your portals:

  1. Navigate to Settings: Log in as an administrator and go to Admin > Support Channels > Support Portals.

  2. Select Your Portal: Click on the specific portal you wish to manage and switch to the Settings tab.

  3. Global Settings (Multi-workspace): If your account uses multiple workspaces, navigate instead to Admin > Global Settings > Service Desk Restrictions.

  4. Set Restriction Rules: Scroll to the Email Domain Restriction section.

    • Change the setting from "Users from any domain" to "Users from specified domains."

  5. Authorize Domains: Enter the specific email domains (e.g., client-a.comclient-b.com) that are allowed to access the helpdesk.

Understanding Access Logic

To avoid confusion, remember that once you enable restrictions, the system operates on an "Allow-List" basis:

Scenario

System Action

Domain is on your list

Users can sign up, log in, and successfully create tickets.

Domain is NOT on your list

The domain is considered unauthorized. Emails sent from these domains will be dropped, and CCs from these domains will be removed.

Existing Requesters

Any contact already existing in your database is automatically whitelisted, regardless of whether their domain is on the list.

Admin-Created Domains

Any domain manually added to the system by an administrator is automatically considered authorized.

Agent-Created Tickets

If an agent manually creates a ticket for a user from an unauthorized domain, the ticket will not be dropped, and that user will be added to your whitelist.


FAQ: Restricting portal access to logged-in users only

Q: How do I prevent guest users from creating tickets? I only want registered, logged-in users to see my forms.

To secure your portal forms so they are only visible to authorized, authenticated users:

  1. Go to Admin > Support Channels > Support Portal Settings.

  2. Under User Permissions, find the setting: "Who can submit a new ticket on the portal."

  3. Select Logged in Users from the dropdown menu.

  4. Save your changes.