diff --git a/src/app/[locale]/support/[id]/page.tsx b/src/app/[locale]/support/[id]/page.tsx
new file mode 100644
index 0000000..334ff8e
--- /dev/null
+++ b/src/app/[locale]/support/[id]/page.tsx
@@ -0,0 +1,103 @@
+import { notFound, redirect } from "next/navigation";
+import { getTranslations, getFormatter } from "next-intl/server";
+import { getSessionUser } from "@/lib/session";
+import {
+  getSupportTicketById,
+  listCommentsForTicket,
+} from "@/lib/db";
+import { Card } from "@/components/ui/card";
+import { BackLink } from "@/components/ui/back-link";
+import { TicketStatusBadge } from "@/components/support/ticket-status-badge";
+import { TicketCategoryLabel } from "@/components/support/ticket-category-label";
+import { TicketThread } from "@/components/support/ticket-thread";
+import { TicketAdminControls } from "@/components/support/ticket-admin-controls";
+import { formatDateTime } from "@/lib/format";
+
+/**
+ * /support/[id] — single ticket detail.
+ *
+ * Same UI for customer and admin; admin gets an extra
+ * `<TicketAdminControls>` block for changing status/category. The
+ * customer side gets a "Close ticket" link if they want to mark it
+ * resolved themselves.
+ *
+ * Authorization mirrors the API: customer sees their own; platform
+ * admin sees any. 404 (not 403) when a customer accesses someone
+ * else's ticket — don't leak existence.
+ */
+export default async function TicketDetailPage({
+  params,
+}: {
+  params: Promise<{ id: string }>;
+}) {
+  const user = await getSessionUser();
+  if (!user) redirect("/login");
+  const { id } = await params;
+  const ticket = await getSupportTicketById(id);
+  if (!ticket) notFound();
+  if (!user.isPlatform && ticket.zitadelUserId !== user.id) {
+    notFound();
+  }
+  const comments = await listCommentsForTicket(id);
+  const t = await getTranslations("support");
+  const f = await getFormatter();
+
+  return (
+    <main className="max-w-3xl mx-auto px-6 py-8">
+      <div className="mb-6 animate-in">
+        <BackLink href="/support" label={t("title")} />
+        <div className="flex items-start justify-between gap-3 mt-2">
+          <h1 className="font-display text-2xl font-semibold">
+            {ticket.title}
+          </h1>
+          <TicketStatusBadge status={ticket.status} />
+        </div>
+        <div className="text-xs text-text-muted mt-2 flex items-center gap-2 flex-wrap">
+          <TicketCategoryLabel category={ticket.category} />
+          <span>·</span>
+          <span>
+            {t("openedBy", {
+              name: ticket.contactName,
+              when: formatDateTime(ticket.createdAt, f),
+            })}
+          </span>
+          <span>·</span>
+          <span className="font-mono">#{ticket.id.slice(0, 8)}</span>
+        </div>
+      </div>
+
+      {/* Original ticket description, rendered as the first message
+          in the thread. Visually distinct via the customer-author
+          styling (handled inside <TicketThread>). */}
+      <div className="space-y-4 animate-in animate-in-delay-1">
+        <Card>
+          <div className="flex items-center justify-between text-xs text-text-muted mb-2">
+            <span className="font-medium text-text-primary">
+              {ticket.contactName}
+            </span>
+            <span>{formatDateTime(ticket.createdAt, f)}</span>
+          </div>
+          <div className="text-sm text-text-primary whitespace-pre-wrap">
+            {ticket.description}
+          </div>
+        </Card>
+
+        <TicketThread
+          ticketId={ticket.id}
+          ticketStatus={ticket.status}
+          comments={comments}
+          isPlatform={user.isPlatform}
+          isOwnTicket={ticket.zitadelUserId === user.id}
+        />
+
+        {user.isPlatform && (
+          <TicketAdminControls
+            ticketId={ticket.id}
+            currentStatus={ticket.status}
+            currentCategory={ticket.category}
+          />
+        )}
+      </div>
+    </main>
+  );
+}
diff --git a/src/app/[locale]/support/new/page.tsx b/src/app/[locale]/support/new/page.tsx
new file mode 100644
index 0000000..0633e8a
--- /dev/null
+++ b/src/app/[locale]/support/new/page.tsx
@@ -0,0 +1,37 @@
+import { redirect } from "next/navigation";
+import { getTranslations } from "next-intl/server";
+import { getSessionUser } from "@/lib/session";
+import { TicketCreateForm } from "@/components/support/ticket-create-form";
+import { BackLink } from "@/components/ui/back-link";
+
+/**
+ * /support/new — create ticket form.
+ *
+ * Platform admins shouldn't open tickets via this UI (they'd be
+ * opening one as if from a customer, which is confusing). Redirect
+ * them back to the queue. Non-admins of any role can create.
+ */
+export default async function NewTicketPage() {
+  const user = await getSessionUser();
+  if (!user) redirect("/login");
+  if (user.isPlatform) redirect("/support");
+  const t = await getTranslations("support");
+
+  return (
+    <main className="max-w-3xl mx-auto px-6 py-8">
+      <div className="mb-8 animate-in">
+        <BackLink href="/support" label={t("title")} />
+        <h1 className="font-display text-2xl font-semibold accent-rule mb-2">
+          {t("newTicketTitle")}
+        </h1>
+        <p className="text-text-secondary text-sm mt-4">
+          {t("newTicketSubtitle")}
+        </p>
+      </div>
+
+      <div className="animate-in animate-in-delay-1">
+        <TicketCreateForm />
+      </div>
+    </main>
+  );
+}
diff --git a/src/app/[locale]/support/page.tsx b/src/app/[locale]/support/page.tsx
new file mode 100644
index 0000000..fc7d990
--- /dev/null
+++ b/src/app/[locale]/support/page.tsx
@@ -0,0 +1,97 @@
+import { redirect } from "next/navigation";
+import Link from "next/link";
+import { getTranslations, getFormatter } from "next-intl/server";
+import { getSessionUser } from "@/lib/session";
+import {
+  listSupportTicketsForUser,
+  listAllSupportTickets,
+} from "@/lib/db";
+import { Card } from "@/components/ui/card";
+import { formatRelative } from "@/lib/format";
+import { TicketStatusBadge } from "@/components/support/ticket-status-badge";
+import { TicketCategoryLabel } from "@/components/support/ticket-category-label";
+
+/**
+ * /support — ticket list.
+ *
+ * Customers see their own tickets only (per Feature 5: per-user
+ * scope, NOT per-org). Platform admins see the global queue. Same
+ * UI shell, different list source — the rendering logic is
+ * identical because the per-row data is the same shape.
+ *
+ * Sorting: newest activity first (the DB query already orders by
+ * updated_at DESC). Open tickets bubble to the top by virtue of
+ * having recent activity, but we don't sort by status; that's a
+ * filter the admin can add later if the queue grows.
+ */
+export default async function SupportListPage() {
+  const user = await getSessionUser();
+  if (!user) redirect("/login");
+  const t = await getTranslations("support");
+  const f = await getFormatter();
+
+  const tickets = user.isPlatform
+    ? await listAllSupportTickets()
+    : await listSupportTicketsForUser(user.id);
+
+  return (
+    <main className="max-w-5xl mx-auto px-6 py-8">
+      <div className="mb-8 animate-in flex items-end justify-between">
+        <div>
+          <h1 className="font-display text-2xl font-semibold accent-rule">
+            {user.isPlatform ? t("titleAdmin") : t("title")}
+          </h1>
+          <p className="text-sm text-text-secondary mt-3">
+            {user.isPlatform ? t("subtitleAdmin") : t("subtitle")}
+          </p>
+        </div>
+        {!user.isPlatform && (
+          <Link
+            href="/support/new"
+            className="text-sm font-medium px-4 py-2 rounded-lg bg-accent text-white hover:bg-accent/90 transition-colors"
+          >
+            {t("newTicket")}
+          </Link>
+        )}
+      </div>
+
+      {tickets.length === 0 ? (
+        <Card className="animate-in animate-in-delay-1">
+          <p className="text-sm text-text-secondary text-center py-6">
+            {user.isPlatform ? t("emptyAdmin") : t("empty")}
+          </p>
+        </Card>
+      ) : (
+        <div className="space-y-2 animate-in animate-in-delay-1">
+          {tickets.map((tk) => (
+            <Link
+              key={tk.id}
+              href={`/support/${tk.id}`}
+              className="block rounded-xl border border-border bg-surface-1 p-4 hover:border-text-secondary transition-colors"
+            >
+              <div className="flex items-start justify-between gap-3">
+                <div className="min-w-0">
+                  <div className="font-medium text-text-primary truncate">
+                    {tk.title}
+                  </div>
+                  <div className="text-xs text-text-muted mt-1 flex items-center gap-2">
+                    <TicketCategoryLabel category={tk.category} />
+                    <span>·</span>
+                    <span>{formatRelative(tk.updatedAt, f)}</span>
+                    {user.isPlatform && (
+                      <>
+                        <span>·</span>
+                        <span className="font-mono">{tk.contactEmail}</span>
+                      </>
+                    )}
+                  </div>
+                </div>
+                <TicketStatusBadge status={tk.status} />
+              </div>
+            </Link>
+          ))}
+        </div>
+      )}
+    </main>
+  );
+}
diff --git a/src/app/api/support/tickets/[id]/comments/route.ts b/src/app/api/support/tickets/[id]/comments/route.ts
new file mode 100644
index 0000000..646a547
--- /dev/null
+++ b/src/app/api/support/tickets/[id]/comments/route.ts
@@ -0,0 +1,149 @@
+import { NextRequest, NextResponse } from "next/server";
+import { z } from "zod";
+import { getSessionUser } from "@/lib/session";
+import {
+  getSupportTicketById,
+  createSupportTicketComment,
+  updateSupportTicket,
+} from "@/lib/db";
+import {
+  sendSupportTicketReplyEmail,
+  sendSupportAdminNotificationEmail,
+} from "@/lib/email";
+import { safeError } from "@/lib/errors";
+import type { SupportTicketStatus } from "@/types";
+
+/**
+ * Comments on a support ticket (Feature 5). Threaded chronologically;
+ * no nested replies.
+ *
+ * Auto status transitions on comment:
+ *   - Customer reply on a `waiting_for_customer` → `in_progress`
+ *     (the ball is back in admin's court).
+ *   - Customer reply on a `resolved` ticket → `reopened`
+ *     (customer disagreed with the resolution).
+ *   - Admin reply on `open` or `reopened` → `in_progress`
+ *     (signals admin has engaged).
+ *   - Admin reply on `in_progress` → `waiting_for_customer`
+ *     (admin's response, ball is in customer's court).
+ *   - Otherwise no change.
+ *
+ * The auto-bump is opportunistic — caller may pass an explicit
+ * status override via the PATCH endpoint instead. We only auto-bump
+ * here when no comment-side override is provided (the comment POST
+ * doesn't accept a status field).
+ *
+ * Email rules:
+ *   - Customer replies → admin queue gets an "admin notification" email.
+ *   - Admin replies → customer gets a reply email (with the body
+ *     inline so they can read on mobile without clicking).
+ *   - No "you just commented" confirmation back to the author.
+ *
+ * The customer reply path skips the separate status-change email
+ * even when the status auto-bumps, on the principle that one email
+ * per action is enough; the admin will see the reply notification
+ * and the new status in the queue.
+ */
+
+const createSchema = z.object({
+  body: z.string().trim().min(1, "required").max(10_000),
+});
+
+/**
+ * Compute the auto-bumped status (if any) for a comment from a given
+ * author kind. Returns the new status if it should change, or null
+ * if it should stay the same.
+ */
+function autoBumpStatus(
+  current: SupportTicketStatus,
+  authorKind: "customer" | "admin"
+): SupportTicketStatus | null {
+  if (authorKind === "customer") {
+    if (current === "waiting_for_customer") return "in_progress";
+    if (current === "resolved") return "reopened";
+    return null;
+  }
+  // admin
+  if (current === "open" || current === "reopened") return "in_progress";
+  if (current === "in_progress") return "waiting_for_customer";
+  return null;
+}
+
+export async function POST(
+  req: NextRequest,
+  { params }: { params: Promise<{ id: string }> }
+) {
+  const user = await getSessionUser();
+  if (!user) {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+  const { id } = await params;
+  const ticket = await getSupportTicketById(id);
+  if (!ticket) {
+    return NextResponse.json({ error: "Not found" }, { status: 404 });
+  }
+  // Same authorization as the GET on the parent resource.
+  if (!user.isPlatform && ticket.zitadelUserId !== user.id) {
+    return NextResponse.json({ error: "Not found" }, { status: 404 });
+  }
+
+  const body = await req.json().catch(() => null);
+  const parsed = createSchema.safeParse(body);
+  if (!parsed.success) {
+    return NextResponse.json(
+      { error: "Invalid input", details: parsed.error.flatten() },
+      { status: 400 }
+    );
+  }
+
+  const authorKind: "customer" | "admin" = user.isPlatform
+    ? "admin"
+    : "customer";
+
+  try {
+    const comment = await createSupportTicketComment({
+      ticketId: id,
+      authorUserId: user.id,
+      authorName: user.name,
+      authorKind,
+      body: parsed.data.body,
+    });
+
+    // Auto-bump status if the comment changes the ball's court.
+    const nextStatus = autoBumpStatus(ticket.status, authorKind);
+    if (nextStatus) {
+      await updateSupportTicket(id, { status: nextStatus });
+    }
+
+    // Email the other side. Customer's reply → admin queue;
+    // admin's reply → customer.
+    if (authorKind === "customer") {
+      sendSupportAdminNotificationEmail({
+        reason: "replied",
+        ticketId: ticket.id,
+        title: ticket.title,
+        contactName: ticket.contactName,
+        contactEmail: ticket.contactEmail,
+        body: parsed.data.body,
+        category: ticket.category,
+      }).catch((e) => console.error("admin notification:", e));
+    } else {
+      sendSupportTicketReplyEmail({
+        to: ticket.contactEmail,
+        contactName: ticket.contactName,
+        ticketId: ticket.id,
+        title: ticket.title,
+        authorName: user.name,
+        body: parsed.data.body,
+      }).catch((e) => console.error("reply email:", e));
+    }
+
+    return NextResponse.json({ comment }, { status: 201 });
+  } catch (e: any) {
+    console.error("Failed to create support ticket comment:", e);
+    return NextResponse.json(
+      { error: safeError(e, "Failed to add comment") },
+      { status: 500 }
+    );
+  }
+}
diff --git a/src/app/api/support/tickets/[id]/route.ts b/src/app/api/support/tickets/[id]/route.ts
new file mode 100644
index 0000000..9bb2b68
--- /dev/null
+++ b/src/app/api/support/tickets/[id]/route.ts
@@ -0,0 +1,132 @@
+import { NextRequest, NextResponse } from "next/server";
+import { z } from "zod";
+import { getSessionUser } from "@/lib/session";
+import {
+  getSupportTicketById,
+  listCommentsForTicket,
+  updateSupportTicket,
+} from "@/lib/db";
+import { sendSupportTicketStatusEmail } from "@/lib/email";
+import { safeError } from "@/lib/errors";
+
+/**
+ * Single support ticket detail (Feature 5).
+ *
+ * GET — returns the ticket plus all comments in chronological order.
+ * Authorization: customer sees their own; platform admin sees any.
+ *
+ * PATCH — change status and/or category. Admin only. Sends a status
+ * change email to the customer if status changed, UNLESS the same
+ * call also creates a comment (in that case the comment endpoint
+ * handles the email so the customer doesn't get two messages).
+ *
+ * No DELETE — tickets are durable history. Resolved tickets stay in
+ * the DB for the audit trail.
+ */
+
+const patchSchema = z.object({
+  status: z
+    .enum(["open", "in_progress", "waiting_for_customer", "resolved", "reopened"])
+    .optional(),
+  category: z
+    .enum(["bug", "feature_request", "question", "billing", "other"])
+    .optional(),
+});
+
+export async function GET(
+  _req: NextRequest,
+  { params }: { params: Promise<{ id: string }> }
+) {
+  const user = await getSessionUser();
+  if (!user) {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+  const { id } = await params;
+  const ticket = await getSupportTicketById(id);
+  if (!ticket) {
+    return NextResponse.json({ error: "Not found" }, { status: 404 });
+  }
+  // Authorization: customer can see their own; platform admin can
+  // see any. Owners cannot see their org's tickets — confirmed by
+  // Feature 5 visibility design (per-user, not per-org).
+  if (!user.isPlatform && ticket.zitadelUserId !== user.id) {
+    // Don't leak existence — same 404 as if the ticket didn't exist.
+    return NextResponse.json({ error: "Not found" }, { status: 404 });
+  }
+  const comments = await listCommentsForTicket(id);
+  return NextResponse.json({ ticket, comments });
+}
+
+export async function PATCH(
+  req: NextRequest,
+  { params }: { params: Promise<{ id: string }> }
+) {
+  const user = await getSessionUser();
+  if (!user) {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+  const { id } = await params;
+  const ticket = await getSupportTicketById(id);
+  if (!ticket) {
+    return NextResponse.json({ error: "Not found" }, { status: 404 });
+  }
+
+  const body = await req.json().catch(() => null);
+  const parsed = patchSchema.safeParse(body);
+  if (!parsed.success) {
+    return NextResponse.json(
+      { error: "Invalid input", details: parsed.error.flatten() },
+      { status: 400 }
+    );
+  }
+
+  // Authorization: status/category changes are admin-only EXCEPT
+  // the customer can close their own ticket via status='resolved'
+  // (Feature 5 design — gives them an "I figured it out, never mind"
+  // escape hatch). Customer cannot reopen via this endpoint — that
+  // happens automatically when they comment on a resolved ticket
+  // (handled in the comments POST).
+  const isCustomerSelfClose =
+    !user.isPlatform &&
+    ticket.zitadelUserId === user.id &&
+    parsed.data.status === "resolved" &&
+    parsed.data.category === undefined;
+
+  if (!user.isPlatform && !isCustomerSelfClose) {
+    return NextResponse.json({ error: "Forbidden" }, { status: 403 });
+  }
+
+  try {
+    const previousStatus = ticket.status;
+    const updated = await updateSupportTicket(id, parsed.data);
+    if (!updated) {
+      return NextResponse.json({ error: "Not found" }, { status: 404 });
+    }
+
+    // Email customer when admin (not the customer themselves)
+    // changes status. Skip on customer-self-close — they know what
+    // they did. Skip when status didn't actually change (admin
+    // edited only category).
+    if (
+      user.isPlatform &&
+      parsed.data.status !== undefined &&
+      parsed.data.status !== previousStatus
+    ) {
+      sendSupportTicketStatusEmail({
+        to: ticket.contactEmail,
+        contactName: ticket.contactName,
+        ticketId: ticket.id,
+        title: ticket.title,
+        newStatus: parsed.data.status,
+      }).catch((e) => console.error("status email:", e));
+    }
+
+    return NextResponse.json({ ticket: updated });
+  } catch (e: any) {
+    console.error("Failed to update support ticket:", e);
+    return NextResponse.json(
+      { error: safeError(e, "Failed to update ticket") },
+      { status: 500 }
+    );
+  }
+}
diff --git a/src/app/api/support/tickets/route.ts b/src/app/api/support/tickets/route.ts
new file mode 100644
index 0000000..47a5ab6
--- /dev/null
+++ b/src/app/api/support/tickets/route.ts
@@ -0,0 +1,103 @@
+import { NextRequest, NextResponse } from "next/server";
+import { z } from "zod";
+import { getSessionUser } from "@/lib/session";
+import {
+  createSupportTicket,
+  listSupportTicketsForUser,
+  listAllSupportTickets,
+} from "@/lib/db";
+import {
+  sendSupportTicketCreatedEmail,
+  sendSupportAdminNotificationEmail,
+} from "@/lib/email";
+import { safeError } from "@/lib/errors";
+
+/**
+ * Support tickets API (Feature 5).
+ *
+ * Visibility: tickets are scoped strictly per-user (zitadel_user_id).
+ * Coworkers in the same org cannot see each other's tickets — this
+ * is the team's design choice for privacy. Platform admins see
+ * everything (the admin queue lives at the same UI but pulls from
+ * a different list).
+ *
+ * GET — for platform users, returns all tickets across all users.
+ * For everyone else, returns only the caller's own tickets. The
+ * client decides the rendering based on user role; we just return
+ * the right list.
+ *
+ * POST — creates a ticket, sends a confirmation email to the
+ * customer and a notification email to the admin distribution list.
+ */
+
+const createSchema = z.object({
+  title: z.string().trim().min(3, "required").max(200),
+  description: z.string().trim().min(10, "required").max(10_000),
+  category: z.enum(["bug", "feature_request", "question", "billing", "other"]),
+});
+
+export async function GET() {
+  const user = await getSessionUser();
+  if (!user) {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+  // Platform admins get the global queue; everyone else sees their
+  // own tickets only. Visibility-by-default-deny: even an org owner
+  // doesn't see their coworkers' tickets, by Feature 5 design.
+  const tickets = user.isPlatform
+    ? await listAllSupportTickets()
+    : await listSupportTicketsForUser(user.id);
+  return NextResponse.json({ tickets });
+}
+
+export async function POST(req: NextRequest) {
+  const user = await getSessionUser();
+  if (!user) {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+  const body = await req.json().catch(() => null);
+  const parsed = createSchema.safeParse(body);
+  if (!parsed.success) {
+    return NextResponse.json(
+      { error: "Invalid input", details: parsed.error.flatten() },
+      { status: 400 }
+    );
+  }
+  try {
+    const ticket = await createSupportTicket({
+      zitadelOrgId: user.orgId,
+      zitadelUserId: user.id,
+      title: parsed.data.title,
+      description: parsed.data.description,
+      category: parsed.data.category,
+      contactName: user.name,
+      contactEmail: user.email,
+    });
+
+    // Fire-and-log email notifications. Both are best-effort;
+    // failure to send doesn't roll back the ticket creation.
+    sendSupportTicketCreatedEmail({
+      to: user.email,
+      contactName: user.name,
+      ticketId: ticket.id,
+      title: ticket.title,
+    }).catch((e) => console.error("ticket created email:", e));
+    sendSupportAdminNotificationEmail({
+      reason: "created",
+      ticketId: ticket.id,
+      title: ticket.title,
+      contactName: user.name,
+      contactEmail: user.email,
+      body: ticket.description,
+      category: ticket.category,
+    }).catch((e) => console.error("admin notification:", e));
+
+    return NextResponse.json({ ticket }, { status: 201 });
+  } catch (e: any) {
+    console.error("Failed to create support ticket:", e);
+    return NextResponse.json(
+      { error: safeError(e, "Failed to create ticket") },
+      { status: 500 }
+    );
+  }
+}
diff --git a/src/components/layout/nav-shell.tsx b/src/components/layout/nav-shell.tsx
index 70c116c..db615ac 100644
--- a/src/components/layout/nav-shell.tsx
+++ b/src/components/layout/nav-shell.tsx
@@ -74,6 +74,17 @@ function NavBar() {
                   {t("settings")}
                 </NavLink>
               )}
+            {/* Feature 5: Support is available to every signed-in
+                user. Customers see their own tickets only; platform
+                admins see the queue. */}
+            {user && (
+              <NavLink
+                href="/support"
+                active={pathname.startsWith("/support")}
+              >
+                {t("support")}
+              </NavLink>
+            )}
             {user?.isPlatform && (
               <NavLink href="/admin" active={pathname === "/admin"}>
                 {t("admin")}
diff --git a/src/components/support/ticket-admin-controls.tsx b/src/components/support/ticket-admin-controls.tsx
new file mode 100644
index 0000000..4d425c1
--- /dev/null
+++ b/src/components/support/ticket-admin-controls.tsx
@@ -0,0 +1,152 @@
+"use client";
+
+import { useState } from "react";
+import { useRouter } from "next/navigation";
+import { useTranslations } from "next-intl";
+import { Card } from "@/components/ui/card";
+import type {
+  SupportTicketCategory,
+  SupportTicketStatus,
+} from "@/types";
+
+const STATUSES: SupportTicketStatus[] = [
+  "open",
+  "in_progress",
+  "waiting_for_customer",
+  "resolved",
+  "reopened",
+];
+const CATEGORIES: SupportTicketCategory[] = [
+  "bug",
+  "feature_request",
+  "question",
+  "billing",
+  "other",
+];
+
+interface Props {
+  ticketId: string;
+  currentStatus: SupportTicketStatus;
+  currentCategory: SupportTicketCategory;
+}
+
+/**
+ * Admin-only controls — change ticket status / category. Visible
+ * exclusively when `user.isPlatform` (gate is in the parent server
+ * component, not here).
+ *
+ * Saves on dropdown change rather than via an explicit submit button
+ * — feels more like a queue-management panel than a form. Each save
+ * fires the email path (status change → status email to customer),
+ * so we deliberately don't auto-save category until the admin
+ * confirms; clicking through categories shouldn't spam status
+ * emails. (Status change emails the customer; category change does
+ * not — so category auto-save is fine. Status auto-save would also
+ * be fine in practice, but we keep an explicit save button on
+ * status to give admin a moment of pause before notifying.)
+ *
+ * In practice both fields auto-save — the email rule above is in
+ * the API anyway. If admin frustration with accidental status emails
+ * shows up in feedback, switch status to explicit-save.
+ */
+export function TicketAdminControls({
+  ticketId,
+  currentStatus,
+  currentCategory,
+}: Props) {
+  const t = useTranslations("support");
+  const router = useRouter();
+
+  const [status, setStatus] = useState(currentStatus);
+  const [category, setCategory] = useState(currentCategory);
+  const [saving, setSaving] = useState(false);
+  const [error, setError] = useState("");
+
+  const saveChange = async (changes: {
+    status?: SupportTicketStatus;
+    category?: SupportTicketCategory;
+  }) => {
+    setSaving(true);
+    setError("");
+    try {
+      const res = await fetch(
+        `/api/support/tickets/${encodeURIComponent(ticketId)}`,
+        {
+          method: "PATCH",
+          headers: { "Content-Type": "application/json" },
+          body: JSON.stringify(changes),
+        }
+      );
+      if (!res.ok) {
+        const data = await res.json().catch(() => ({}));
+        throw new Error(data.error || t("updateFailed"));
+      }
+      router.refresh();
+    } catch (e: any) {
+      setError(e.message);
+      // Revert local state on failure so the UI doesn't lie about
+      // what's saved.
+      if (changes.status) setStatus(currentStatus);
+      if (changes.category) setCategory(currentCategory);
+    } finally {
+      setSaving(false);
+    }
+  };
+
+  return (
+    <Card className="border-blue-400/30 bg-blue-400/5">
+      <div className="text-xs uppercase tracking-wider text-blue-400 font-semibold mb-3">
+        {t("adminControlsTitle")}
+      </div>
+      <div className="grid grid-cols-1 sm:grid-cols-2 gap-4">
+        <div>
+          <label className="block text-xs uppercase tracking-wider text-text-muted mb-1">
+            {t("fieldStatus")}
+          </label>
+          <select
+            value={status}
+            disabled={saving}
+            onChange={(e) => {
+              const next = e.target.value as SupportTicketStatus;
+              setStatus(next);
+              saveChange({ status: next });
+            }}
+            className="w-full px-3 py-2 rounded-lg border border-border bg-surface-2 text-text-primary text-sm focus:outline-none focus:border-text-secondary disabled:opacity-50"
+          >
+            {STATUSES.map((s) => (
+              <option key={s} value={s}>
+                {t(`status_${s}`)}
+              </option>
+            ))}
+          </select>
+        </div>
+        <div>
+          <label className="block text-xs uppercase tracking-wider text-text-muted mb-1">
+            {t("fieldCategory")}
+          </label>
+          <select
+            value={category}
+            disabled={saving}
+            onChange={(e) => {
+              const next = e.target.value as SupportTicketCategory;
+              setCategory(next);
+              saveChange({ category: next });
+            }}
+            className="w-full px-3 py-2 rounded-lg border border-border bg-surface-2 text-text-primary text-sm focus:outline-none focus:border-text-secondary disabled:opacity-50"
+          >
+            {CATEGORIES.map((c) => (
+              <option key={c} value={c}>
+                {t(`category_${c}`)}
+              </option>
+            ))}
+          </select>
+        </div>
+      </div>
+      {error && (
+        <div className="text-xs text-red-400 bg-red-400/10 border border-red-400/20 rounded-lg px-3 py-2 mt-3">
+          {error}
+        </div>
+      )}
+    </Card>
+  );
+}
diff --git a/src/components/support/ticket-category-label.tsx b/src/components/support/ticket-category-label.tsx
new file mode 100644
index 0000000..8825d32
--- /dev/null
+++ b/src/components/support/ticket-category-label.tsx
@@ -0,0 +1,19 @@
+"use client";
+
+import { useTranslations } from "next-intl";
+import type { SupportTicketCategory } from "@/types";
+
+/**
+ * Plain translated category label, e.g. "Bug" / "Feature request" /
+ * "Billing". No styling chrome — just the text. Categories don't
+ * carry the same lifecycle/urgency signal as status, so they don't
+ * earn a coloured pill.
+ */
+export function TicketCategoryLabel({
+  category,
+}: {
+  category: SupportTicketCategory;
+}) {
+  const t = useTranslations("support");
+  return <span>{t(`category_${category}`)}</span>;
+}
diff --git a/src/components/support/ticket-create-form.tsx b/src/components/support/ticket-create-form.tsx
new file mode 100644
index 0000000..9806927
--- /dev/null
+++ b/src/components/support/ticket-create-form.tsx
@@ -0,0 +1,130 @@
+"use client";
+
+import { useState } from "react";
+import { useRouter } from "next/navigation";
+import { useTranslations } from "next-intl";
+import { Card } from "@/components/ui/card";
+import type { SupportTicketCategory } from "@/types";
+
+const CATEGORIES: SupportTicketCategory[] = [
+  "bug",
+  "feature_request",
+  "question",
+  "billing",
+  "other",
+];
+
+export function TicketCreateForm() {
+  const t = useTranslations("support");
+  const tCommon = useTranslations("common");
+  const router = useRouter();
+
+  const [title, setTitle] = useState("");
+  const [description, setDescription] = useState("");
+  const [category, setCategory] = useState<SupportTicketCategory>("question");
+  const [submitting, setSubmitting] = useState(false);
+  const [error, setError] = useState("");
+
+  const onSubmit = async (e: React.FormEvent) => {
+    e.preventDefault();
+    setSubmitting(true);
+    setError("");
+    try {
+      const res = await fetch("/api/support/tickets", {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ title, description, category }),
+      });
+      if (!res.ok) {
+        const data = await res.json().catch(() => ({}));
+        throw new Error(data.error || t("createFailed"));
+      }
+      const data = await res.json();
+      // Redirect to the new ticket's detail page so the customer can
+      // see the confirmation state and immediately add follow-ups if
+      // they wish.
+      router.push(`/support/${data.ticket.id}`);
+      router.refresh();
+    } catch (e: any) {
+      setError(e.message);
+      setSubmitting(false);
+    }
+  };
+
+  return (
+    <Card>
+      <form onSubmit={onSubmit} className="space-y-4">
+        <div>
+          <label className="block text-xs uppercase tracking-wider text-text-muted mb-1">
+            {t("fieldCategory")} <span className="text-red-400">*</span>
+          </label>
+          <select
+            required
+            value={category}
+            onChange={(e) =>
+              setCategory(e.target.value as SupportTicketCategory)
+            }
+            className="w-full px-3 py-2 rounded-lg border border-border bg-surface-2 text-text-primary text-sm focus:outline-none focus:border-text-secondary"
+          >
+            {CATEGORIES.map((c) => (
+              <option key={c} value={c}>
+                {t(`category_${c}`)}
+              </option>
+            ))}
+          </select>
+        </div>
+
+        <div>
+          <label className="block text-xs uppercase tracking-wider text-text-muted mb-1">
+            {t("fieldTitle")} <span className="text-red-400">*</span>
+          </label>
+          <input
+            type="text"
+            required
+            minLength={3}
+            maxLength={200}
+            value={title}
+            onChange={(e) => setTitle(e.target.value)}
+            placeholder={t("titlePlaceholder")}
+            className="w-full px-3 py-2 rounded-lg border border-border bg-surface-2 text-text-primary text-sm focus:outline-none focus:border-text-secondary"
+          />
+        </div>
+
+        <div>
+          <label className="block text-xs uppercase tracking-wider text-text-muted mb-1">
+            {t("fieldDescription")} <span className="text-red-400">*</span>
+          </label>
+          <textarea
+            required
+            minLength={10}
+            maxLength={10_000}
+            rows={8}
+            value={description}
+            onChange={(e) => setDescription(e.target.value)}
+            placeholder={t("descriptionPlaceholder")}
+            className="w-full px-3 py-2 rounded-lg border border-border bg-surface-2 text-text-primary text-sm focus:outline-none focus:border-text-secondary"
+          />
+          <p className="text-xs text-text-muted mt-1">
+            {t("descriptionHelp")}
+          </p>
+        </div>
+
+        {error && (
+          <div className="text-xs text-red-400 bg-red-400/10 border border-red-400/20 rounded-lg px-3 py-2">
+            {error}
+          </div>
+        )}
+
+        <div className="flex justify-end">
+          <button
+            type="submit"
+            disabled={submitting}
+            className="text-sm font-medium px-4 py-2 rounded-lg bg-accent text-white hover:bg-accent/90 transition-colors disabled:opacity-50"
+          >
+            {submitting ? tCommon("loading") : t("submitTicket")}
+          </button>
+        </div>
+      </form>
+    </Card>
+  );
+}
diff --git a/src/components/support/ticket-status-badge.tsx b/src/components/support/ticket-status-badge.tsx
new file mode 100644
index 0000000..30b9309
--- /dev/null
+++ b/src/components/support/ticket-status-badge.tsx
@@ -0,0 +1,38 @@
+"use client";
+
+import { useTranslations } from "next-intl";
+import type { SupportTicketStatus } from "@/types";
+
+const STATUS_STYLES: Record<SupportTicketStatus, string> = {
+  // Open: blue, neutral attention.
+  open: "bg-blue-400/15 text-blue-400 border border-blue-400/20",
+  // In progress: amber, work happening.
+  in_progress: "bg-amber-400/15 text-amber-400 border border-amber-400/20",
+  // Waiting for customer: violet — distinct from in_progress so admins
+  // can quickly visually separate "I owe a response" from "they owe one".
+  waiting_for_customer:
+    "bg-violet-400/15 text-violet-400 border border-violet-400/20",
+  resolved: "bg-success/15 text-success border border-success/20",
+  // Reopened: red — flags admin attention because the previous
+  // resolution didn't stick.
+  reopened: "bg-red-400/15 text-red-400 border border-red-400/20",
+};
+
+/**
+ * Small status pill rendered on ticket list rows and detail header.
+ * Translated label, colour-coded by ticket lifecycle stage.
+ */
+export function TicketStatusBadge({
+  status,
+}: {
+  status: SupportTicketStatus;
+}) {
+  const t = useTranslations("support");
+  return (
+    <span
+      className={`inline-flex items-center px-2 py-0.5 text-xs font-medium rounded-full whitespace-nowrap ${STATUS_STYLES[status]}`}
+    >
+      {t(`status_${status}`)}
+    </span>
+  );
+}
diff --git a/src/components/support/ticket-thread.tsx b/src/components/support/ticket-thread.tsx
new file mode 100644
index 0000000..3f86369
--- /dev/null
+++ b/src/components/support/ticket-thread.tsx
@@ -0,0 +1,198 @@
+"use client";
+
+import { useState } from "react";
+import { useRouter } from "next/navigation";
+import { useTranslations, useFormatter } from "next-intl";
+import { Card } from "@/components/ui/card";
+import { formatDateTime } from "@/lib/format";
+import type { SupportTicketComment, SupportTicketStatus } from "@/types";
+
+interface Props {
+  ticketId: string;
+  ticketStatus: SupportTicketStatus;
+  comments: SupportTicketComment[];
+  isPlatform: boolean;
+  /** True when the viewer is the customer who created this ticket. */
+  isOwnTicket: boolean;
+}
+
+/**
+ * Thread of comments + reply box. Customer-side viewers see a
+ * "Close ticket" button as well, mapping to the customer-self-close
+ * path on the PATCH endpoint.
+ *
+ * Reply submission: posts the comment, then router.refresh() so the
+ * server-rendered page re-fetches and renders the new entry. Avoids
+ * duplicating the comment-rendering logic on the client.
+ *
+ * Empty body submissions are blocked at HTML level (required) AND
+ * by the API; we trust both layers.
+ */
+export function TicketThread({
+  ticketId,
+  ticketStatus,
+  comments,
+  isPlatform,
+  isOwnTicket,
+}: Props) {
+  const t = useTranslations("support");
+  const tCommon = useTranslations("common");
+  const f = useFormatter();
+  const router = useRouter();
+
+  const [body, setBody] = useState("");
+  const [submitting, setSubmitting] = useState(false);
+  const [closing, setClosing] = useState(false);
+  const [error, setError] = useState("");
+
+  const onSubmitComment = async (e: React.FormEvent) => {
+    e.preventDefault();
+    setSubmitting(true);
+    setError("");
+    try {
+      const res = await fetch(
+        `/api/support/tickets/${encodeURIComponent(ticketId)}/comments`,
+        {
+          method: "POST",
+          headers: { "Content-Type": "application/json" },
+          body: JSON.stringify({ body }),
+        }
+      );
+      if (!res.ok) {
+        const data = await res.json().catch(() => ({}));
+        throw new Error(data.error || t("commentFailed"));
+      }
+      setBody("");
+      router.refresh();
+    } catch (e: any) {
+      setError(e.message);
+    } finally {
+      setSubmitting(false);
+    }
+  };
+
+  // Customer-self-close: confirms because it's a state change, then
+  // hits PATCH with status=resolved. The API allows this for
+  // own-ticket regardless of role; the button only shows when the
+  // ticket is in a non-resolved state.
+  const onCustomerClose = async () => {
+    if (!confirm(t("confirmClose"))) return;
+    setClosing(true);
+    setError("");
+    try {
+      const res = await fetch(
+        `/api/support/tickets/${encodeURIComponent(ticketId)}`,
+        {
+          method: "PATCH",
+          headers: { "Content-Type": "application/json" },
+          body: JSON.stringify({ status: "resolved" }),
+        }
+      );
+      if (!res.ok) {
+        const data = await res.json().catch(() => ({}));
+        throw new Error(data.error || t("closeFailed"));
+      }
+      router.refresh();
+    } catch (e: any) {
+      setError(e.message);
+    } finally {
+      setClosing(false);
+    }
+  };
+
+  const isResolved = ticketStatus === "resolved";
+  const canCustomerClose =
+    isOwnTicket && !isResolved;
+
+  return (
+    <>
+      {comments.map((c) => (
+        <Card
+          key={c.id}
+          className={
+            c.authorKind === "admin"
+              ? "border-blue-400/30 bg-blue-400/5"
+              : ""
+          }
+        >
+          <div className="flex items-center justify-between text-xs text-text-muted mb-2">
+            <span className="font-medium text-text-primary">
+              {c.authorName}
+              {c.authorKind === "admin" && (
+                <span className="ml-2 text-blue-400 text-[10px] uppercase tracking-wider">
+                  {t("authorTagAdmin")}
+                </span>
+              )}
+            </span>
+            <span>{formatDateTime(c.createdAt, f)}</span>
+          </div>
+          <div className="text-sm text-text-primary whitespace-pre-wrap">
+            {c.body}
+          </div>
+        </Card>
+      ))}
+
+      {isResolved && (
+        <Card className="border-success/30 bg-success/5">
+          <p className="text-sm text-text-secondary text-center">
+            {t("resolvedBanner")}
+          </p>
+        </Card>
+      )}
+
+      {/* Reply box. Visible regardless of status — customer can
+          reply even on a resolved ticket (which auto-reopens it
+          server-side). The semantic is "reply means the ticket is
+          alive again", which is friendlier than blocking the reply. */}
+      <Card>
+        <form onSubmit={onSubmitComment} className="space-y-3">
+          <label className="block text-xs uppercase tracking-wider text-text-muted">
+            {t("replyLabel")}
+          </label>
+          <textarea
+            required
+            minLength={1}
+            maxLength={10_000}
+            rows={4}
+            value={body}
+            onChange={(e) => setBody(e.target.value)}
+            placeholder={
+              isResolved && isOwnTicket
+                ? t("replyPlaceholderReopen")
+                : t("replyPlaceholder")
+            }
+            className="w-full px-3 py-2 rounded-lg border border-border bg-surface-2 text-text-primary text-sm focus:outline-none focus:border-text-secondary"
+          />
+
+          {error && (
+            <div className="text-xs text-red-400 bg-red-400/10 border border-red-400/20 rounded-lg px-3 py-2">
+              {error}
+            </div>
+          )}
+
+          <div className="flex items-center justify-between">
+            {canCustomerClose ? (
+              <button
+                type="button"
+                onClick={onCustomerClose}
+                disabled={closing || submitting}
+                className="text-xs text-text-secondary hover:text-text-primary transition-colors disabled:opacity-50"
+              >
+                {closing ? tCommon("loading") : t("closeTicket")}
+              </button>
+            ) : (
+              <span />
+            )}
+            <button
+              type="submit"
+              disabled={submitting || closing || body.trim().length === 0}
+              className="text-sm font-medium px-4 py-2 rounded-lg bg-accent text-white hover:bg-accent/90 transition-colors disabled:opacity-50"
+            >
+              {submitting ? tCommon("loading") : t("sendReply")}
+            </button>
+          </div>
+        </form>
+      </Card>
+    </>
+  );
+}
diff --git a/src/lib/db.ts b/src/lib/db.ts
index 29e07ec..6dee0e9 100644
--- a/src/lib/db.ts
+++ b/src/lib/db.ts
@@ -1,5 +1,15 @@
 import { Pool } from "pg";
-import type { BillingAddress, OrgBilling, TenantRequest, TenantRequestStatus } from "@/types";
+import type {
+  BillingAddress,
+  OrgBilling,
+  SupportTicket,
+  SupportTicketComment,
+  SupportTicketCommentAuthorKind,
+  SupportTicketCategory,
+  SupportTicketStatus,
+  TenantRequest,
+  TenantRequestStatus,
+} from "@/types";
 import { listTenants, getTenant } from "./k8s";
 
 // ---------------------------------------------------------------------------
@@ -190,6 +200,70 @@ const MIGRATION_SQL = `
     created_at       TIMESTAMPTZ NOT NULL DEFAULT now(),
     updated_at       TIMESTAMPTZ NOT NULL DEFAULT now()
   );
+
+  -- Feature 5: lightweight customer support / feedback tickets.
+  -- Scoped strictly per-user (zitadel_user_id), not per-org —
+  -- coworkers in the same org cannot see each other's tickets. The
+  -- index on (zitadel_user_id, status) is what most customer-side
+  -- queries hit; the index on (status, updated_at DESC) is for the
+  -- admin queue.
+  --
+  -- contact_email / contact_name are frozen at creation time so the
+  -- ticket retains a working "reply-to" identity even if the user
+  -- later changes their email or display name in ZITADEL.
+  CREATE TABLE IF NOT EXISTS support_tickets (
+    id              UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    zitadel_org_id  TEXT NOT NULL,
+    zitadel_user_id TEXT NOT NULL,
+    title           TEXT NOT NULL,
+    description     TEXT NOT NULL,
+    category        TEXT NOT NULL,
+    status          TEXT NOT NULL DEFAULT 'open',
+    contact_email   TEXT NOT NULL,
+    contact_name    TEXT NOT NULL,
+    created_at      TIMESTAMPTZ NOT NULL DEFAULT now(),
+    updated_at      TIMESTAMPTZ NOT NULL DEFAULT now()
+  );
+
+  -- CHECK constraints added separately so re-running the migration
+  -- against an existing table (without these constraints) works.
+  -- IF NOT EXISTS isn't supported on ADD CONSTRAINT, hence the
+  -- DO $$ wrapper.
+  DO $$ BEGIN
+    ALTER TABLE support_tickets ADD CONSTRAINT support_tickets_category_check
+      CHECK (category IN ('bug','feature_request','question','billing','other'));
+  EXCEPTION WHEN duplicate_object THEN NULL;
+  END $$;
+  DO $$ BEGIN
+    ALTER TABLE support_tickets ADD CONSTRAINT support_tickets_status_check
+      CHECK (status IN ('open','in_progress','waiting_for_customer','resolved','reopened'));
+  EXCEPTION WHEN duplicate_object THEN NULL;
+  END $$;
+
+  CREATE INDEX IF NOT EXISTS idx_support_tickets_user
+    ON support_tickets(zitadel_user_id, updated_at DESC);
+  CREATE INDEX IF NOT EXISTS idx_support_tickets_status
+    ON support_tickets(status, updated_at DESC);
+
+  -- Threaded comments. ON DELETE CASCADE so deleting a ticket
+  -- cleans up its history; we don't currently expose ticket
+  -- deletion in the UI but the cascade keeps options open.
+  CREATE TABLE IF NOT EXISTS support_ticket_comments (
+    id              UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    ticket_id       UUID NOT NULL REFERENCES support_tickets(id) ON DELETE CASCADE,
+    author_user_id  TEXT NOT NULL,
+    author_name     TEXT NOT NULL,
+    author_kind     TEXT NOT NULL,
+    body            TEXT NOT NULL,
+    created_at      TIMESTAMPTZ NOT NULL DEFAULT now()
+  );
+  DO $$ BEGIN
+    ALTER TABLE support_ticket_comments ADD CONSTRAINT support_ticket_comments_author_kind_check
+      CHECK (author_kind IN ('customer','admin'));
+  EXCEPTION WHEN duplicate_object THEN NULL;
+  END $$;
+  CREATE INDEX IF NOT EXISTS idx_support_ticket_comments_ticket
+    ON support_ticket_comments(ticket_id, created_at);
 `;
 
 let migrated = false;
@@ -1045,3 +1119,203 @@ export async function removeAllAssignmentsForUser(
     [orgId, userId]
   );
 }
+
+// ---------------------------------------------------------------------------
+// Feature 5: support tickets
+// ---------------------------------------------------------------------------
+
+function rowToSupportTicket(row: any): SupportTicket {
+  return {
+    id: row.id,
+    zitadelOrgId: row.zitadel_org_id,
+    zitadelUserId: row.zitadel_user_id,
+    title: row.title,
+    description: row.description,
+    category: row.category as SupportTicketCategory,
+    status: row.status as SupportTicketStatus,
+    contactEmail: row.contact_email,
+    contactName: row.contact_name,
+    createdAt: row.created_at?.toISOString?.() ?? row.created_at,
+    updatedAt: row.updated_at?.toISOString?.() ?? row.updated_at,
+  };
+}
+
+function rowToSupportTicketComment(row: any): SupportTicketComment {
+  return {
+    id: row.id,
+    ticketId: row.ticket_id,
+    authorUserId: row.author_user_id,
+    authorName: row.author_name,
+    authorKind: row.author_kind as SupportTicketCommentAuthorKind,
+    body: row.body,
+    createdAt: row.created_at?.toISOString?.() ?? row.created_at,
+  };
+}
+
+/**
+ * Create a new support ticket. The contact_name/contact_email are
+ * snapshotted from the session at creation time — see SupportTicket
+ * doc for why.
+ */
+export async function createSupportTicket(params: {
+  zitadelOrgId: string;
+  zitadelUserId: string;
+  title: string;
+  description: string;
+  category: SupportTicketCategory;
+  contactName: string;
+  contactEmail: string;
+}): Promise<SupportTicket> {
+  await ensureSchema();
+  const result = await getPool().query(
+    `INSERT INTO support_tickets (
+       zitadel_org_id, zitadel_user_id, title, description, category,
+       contact_name, contact_email
+     ) VALUES ($1, $2, $3, $4, $5, $6, $7)
+     RETURNING *`,
+    [
+      params.zitadelOrgId,
+      params.zitadelUserId,
+      params.title,
+      params.description,
+      params.category,
+      params.contactName,
+      params.contactEmail,
+    ]
+  );
+  return rowToSupportTicket(result.rows[0]);
+}
+
+/** Tickets created by a single user, newest activity first. */
+export async function listSupportTicketsForUser(
+  zitadelUserId: string
+): Promise<SupportTicket[]> {
+  await ensureSchema();
+  const result = await getPool().query(
+    `SELECT * FROM support_tickets
+       WHERE zitadel_user_id = $1
+       ORDER BY updated_at DESC`,
+    [zitadelUserId]
+  );
+  return result.rows.map(rowToSupportTicket);
+}
+
+/**
+ * Admin queue. Returns every ticket across all users/orgs, newest
+ * activity first. Pending tickets (open/reopened) bubble to the top
+ * by virtue of recent activity, but the API doesn't sort by status —
+ * the admin UI handles filtering and bucketing.
+ */
+export async function listAllSupportTickets(): Promise<SupportTicket[]> {
+  await ensureSchema();
+  const result = await getPool().query(
+    `SELECT * FROM support_tickets ORDER BY updated_at DESC`
+  );
+  return result.rows.map(rowToSupportTicket);
+}
+
+export async function getSupportTicketById(
+  id: string
+): Promise<SupportTicket | null> {
+  await ensureSchema();
+  const result = await getPool().query(
+    "SELECT * FROM support_tickets WHERE id = $1",
+    [id]
+  );
+  return result.rows.length > 0 ? rowToSupportTicket(result.rows[0]) : null;
+}
+
+export async function listCommentsForTicket(
+  ticketId: string
+): Promise<SupportTicketComment[]> {
+  await ensureSchema();
+  const result = await getPool().query(
+    `SELECT * FROM support_ticket_comments
+       WHERE ticket_id = $1
+       ORDER BY created_at`,
+    [ticketId]
+  );
+  return result.rows.map(rowToSupportTicketComment);
+}
+
+/**
+ * Insert a comment. Bumps the parent ticket's `updated_at` so the
+ * activity sort orders work — done in a transaction so the two are
+ * atomic from any concurrent reader's perspective.
+ *
+ * Caller is responsible for status auto-bumping (e.g. customer
+ * replying to a `waiting_for_customer` ticket → `in_progress`); the
+ * DB layer just writes what it's told.
+ */
+export async function createSupportTicketComment(params: {
+  ticketId: string;
+  authorUserId: string;
+  authorName: string;
+  authorKind: SupportTicketCommentAuthorKind;
+  body: string;
+}): Promise<SupportTicketComment> {
+  await ensureSchema();
+  const client = await getPool().connect();
+  try {
+    await client.query("BEGIN");
+    const inserted = await client.query(
+      `INSERT INTO support_ticket_comments (
+         ticket_id, author_user_id, author_name, author_kind, body
+       ) VALUES ($1, $2, $3, $4, $5)
+       RETURNING *`,
+      [
+        params.ticketId,
+        params.authorUserId,
+        params.authorName,
+        params.authorKind,
+        params.body,
+      ]
+    );
+    await client.query(
+      "UPDATE support_tickets SET updated_at = now() WHERE id = $1",
+      [params.ticketId]
+    );
+    await client.query("COMMIT");
+    return rowToSupportTicketComment(inserted.rows[0]);
+  } catch (e) {
+    await client.query("ROLLBACK");
+    throw e;
+  } finally {
+    client.release();
+  }
+}
+
+/**
+ * Update mutable fields on a ticket. Only category and status are
+ * mutable; title/description are frozen post-creation. Returns the
+ * updated row so callers can email the right contact_email
+ * afterwards.
+ */
+export async function updateSupportTicket(
+  id: string,
+  changes: { status?: SupportTicketStatus; category?: SupportTicketCategory }
+): Promise<SupportTicket | null> {
+  await ensureSchema();
+  const sets: string[] = ["updated_at = now()"];
+  const values: any[] = [id];
+  let idx = 2;
+  if (changes.status !== undefined) {
+    sets.push(`status = $${idx}`);
+    values.push(changes.status);
+    idx++;
+  }
+  if (changes.category !== undefined) {
+    sets.push(`category = $${idx}`);
+    values.push(changes.category);
+    idx++;
+  }
+  // No-op early exit. Without an actual change we still want
+  // updated_at refreshed if the caller asked for one, but if they
+  // passed neither field there's nothing to do.
+  if (sets.length === 1) return getSupportTicketById(id);
+  const result = await getPool().query(
+    `UPDATE support_tickets SET ${sets.join(", ")} WHERE id = $1 RETURNING *`,
+    values
+  );
+  return result.rows.length > 0 ? rowToSupportTicket(result.rows[0]) : null;
+}
diff --git a/src/lib/email.ts b/src/lib/email.ts
index c1f5d79..af17776 100644
--- a/src/lib/email.ts
+++ b/src/lib/email.ts
@@ -318,3 +318,282 @@ export async function sendAdminNotificationEmail(
     console.error("Failed to send admin notification email:", err);
   }
 }
+
+// ---------------------------------------------------------------------------
+// Feature 5: support ticket emails
+// ---------------------------------------------------------------------------
+
+/**
+ * Email subject prefix that helps customers thread tickets in their
+ * mail client. We don't have inbound email processing — replies via
+ * email back to us go nowhere — but the prefix is still useful for
+ * the customer's own organisation. The id is shortened to 8 chars
+ * for human readability; collisions on the truncated form within a
+ * single user's inbox are vanishingly unlikely.
+ */
+function ticketSubjectPrefix(ticketId: string): string {
+  return `[PieCed Support #${ticketId.slice(0, 8)}]`;
+}
+
+const STATUS_LABELS_EN: Record<string, string> = {
+  open: "Open",
+  in_progress: "In progress",
+  waiting_for_customer: "Waiting for your reply",
+  resolved: "Resolved",
+  reopened: "Reopened",
+};
+
+/**
+ * Sent to the customer when they create a ticket — confirmation
+ * that we received it and a copy of the ticket id for their records.
+ */
+export async function sendSupportTicketCreatedEmail(params: {
+  to: string;
+  contactName: string;
+  ticketId: string;
+  title: string;
+}): Promise<void> {
+  const safeName = escapeHtml(params.contactName);
+  const safeTitle = escapeHtml(params.title);
+  const shortId = params.ticketId.slice(0, 8);
+  const subject = `${ticketSubjectPrefix(params.ticketId)} ${params.title}`;
+
+  try {
+    await getTransporter().sendMail({
+      from: getFrom(),
+      to: params.to,
+      subject,
+      text: [
+        `Hello ${params.contactName},`,
+        "",
+        `We've received your support request "${params.title}" (reference #${shortId}).`,
+        "",
+        "Our team will review and respond as soon as possible. You can track the status and reply at https://app.pieced.ch/support.",
+        "",
+        "Best regards,",
+        "PieCed IT",
+      ].join("\n"),
+      html: `
+        <div style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif; max-width: 560px; margin: 0 auto; color: #e0e0e0; background: #1a1a1a; padding: 32px; border-radius: 12px;">
+          <h2 style="color: #ffffff; margin-top: 0;">Support request received</h2>
+          <p>Hello ${safeName},</p>
+          <p>We've received your support request <strong>"${safeTitle}"</strong> (reference #${shortId}).</p>
+          <p>Our team will review and respond as soon as possible.</p>
+          <p>
+            <a href="https://app.pieced.ch/support" style="display: inline-block; padding: 10px 24px; background: #3b82f6; color: #ffffff; text-decoration: none; border-radius: 8px; font-weight: 500;">
+              View ticket
+            </a>
+          </p>
+          <hr style="border: none; border-top: 1px solid #333; margin: 24px 0;" />
+          <p style="color: #666; font-size: 12px;">PieCed IT — Hosted on-premises in Switzerland</p>
+        </div>
+      `,
+    });
+  } catch (err) {
+    console.error("Failed to send support ticket creation email:", err);
+  }
+}
+
+/**
+ * Sent to the customer when an admin replies to one of their tickets.
+ * Includes the body of the reply inline so the customer can read it
+ * without clicking through (especially useful on mobile).
+ */
+export async function sendSupportTicketReplyEmail(params: {
+  to: string;
+  contactName: string;
+  ticketId: string;
+  title: string;
+  authorName: string;
+  body: string;
+}): Promise<void> {
+  const safeName = escapeHtml(params.contactName);
+  const safeTitle = escapeHtml(params.title);
+  const safeAuthor = escapeHtml(params.authorName);
+  const safeBody = escapeHtml(params.body);
+  const shortId = params.ticketId.slice(0, 8);
+  const subject = `${ticketSubjectPrefix(params.ticketId)} Re: ${params.title}`;
+
+  try {
+    await getTransporter().sendMail({
+      from: getFrom(),
+      to: params.to,
+      subject,
+      text: [
+        `Hello ${params.contactName},`,
+        "",
+        `${params.authorName} replied to your ticket "${params.title}" (#${shortId}):`,
+        "",
+        params.body,
+        "",
+        "Reply or follow up at https://app.pieced.ch/support.",
+        "",
+        "Best regards,",
+        "PieCed IT",
+      ].join("\n"),
+      html: `
+        <div style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif; max-width: 560px; margin: 0 auto; color: #e0e0e0; background: #1a1a1a; padding: 32px; border-radius: 12px;">
+          <h2 style="color: #ffffff; margin-top: 0;">New reply on your ticket</h2>
+          <p>Hello ${safeName},</p>
+          <p><strong>${safeAuthor}</strong> replied to your ticket <strong>"${safeTitle}"</strong> (#${shortId}):</p>
+          <div style="background: #2a2a2a; border-left: 3px solid #3b82f6; padding: 12px 16px; border-radius: 6px; margin: 16px 0; white-space: pre-wrap;">
+            ${safeBody}
+          </div>
+          <p>
+            <a href="https://app.pieced.ch/support" style="display: inline-block; padding: 10px 24px; background: #3b82f6; color: #ffffff; text-decoration: none; border-radius: 8px; font-weight: 500;">
+              View ticket
+            </a>
+          </p>
+          <hr style="border: none; border-top: 1px solid #333; margin: 24px 0;" />
+          <p style="color: #666; font-size: 12px;">PieCed IT — Hosted on-premises in Switzerland</p>
+        </div>
+      `,
+    });
+  } catch (err) {
+    console.error("Failed to send support ticket reply email:", err);
+  }
+}
+
+/**
+ * Sent to the customer when an admin changes status without a comment.
+ * If the same admin action included a comment, they'd get the
+ * reply email instead — caller decides which to send.
+ */
+export async function sendSupportTicketStatusEmail(params: {
+  to: string;
+  contactName: string;
+  ticketId: string;
+  title: string;
+  newStatus: string;
+}): Promise<void> {
+  const safeName = escapeHtml(params.contactName);
+  const safeTitle = escapeHtml(params.title);
+  const statusLabel = STATUS_LABELS_EN[params.newStatus] ?? params.newStatus;
+  const shortId = params.ticketId.slice(0, 8);
+  const subject = `${ticketSubjectPrefix(params.ticketId)} Status: ${statusLabel}`;
+
+  try {
+    await getTransporter().sendMail({
+      from: getFrom(),
+      to: params.to,
+      subject,
+      text: [
+        `Hello ${params.contactName},`,
+        "",
+        `The status of your ticket "${params.title}" (#${shortId}) has been updated to: ${statusLabel}.`,
+        "",
+        "View details and respond if needed at https://app.pieced.ch/support.",
+        "",
+        "Best regards,",
+        "PieCed IT",
+      ].join("\n"),
+      html: `
+        <div style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif; max-width: 560px; margin: 0 auto; color: #e0e0e0; background: #1a1a1a; padding: 32px; border-radius: 12px;">
+          <h2 style="color: #ffffff; margin-top: 0;">Ticket status update</h2>
+          <p>Hello ${safeName},</p>
+          <p>The status of your ticket <strong>"${safeTitle}"</strong> (#${shortId}) has been updated to:</p>
+          <p style="font-size: 18px; color: #3b82f6; font-weight: 600;">${escapeHtml(statusLabel)}</p>
+          <p>
+            <a href="https://app.pieced.ch/support" style="display: inline-block; padding: 10px 24px; background: #3b82f6; color: #ffffff; text-decoration: none; border-radius: 8px; font-weight: 500;">
+              View ticket
+            </a>
+          </p>
+          <hr style="border: none; border-top: 1px solid #333; margin: 24px 0;" />
+          <p style="color: #666; font-size: 12px;">PieCed IT — Hosted on-premises in Switzerland</p>
+        </div>
+      `,
+    });
+  } catch (err) {
+    console.error("Failed to send support ticket status email:", err);
+  }
+}
+
+/**
+ * Notify the platform admin distribution list of a new ticket OR a
+ * customer reply. Mirror of sendAdminNotificationEmail's pattern —
+ * uses the same ADMIN_NOTIFICATION_EMAIL env var.
+ *
+ * Two trigger reasons supported:
+ *  - 'created'  → new ticket from a customer
+ *  - 'replied'  → customer replied to existing ticket (we want admin
+ *                 visibility, e.g. to know the ticket needs another
+ *                 round of attention)
+ */
+export async function sendSupportAdminNotificationEmail(params: {
+  reason: "created" | "replied";
+  ticketId: string;
+  title: string;
+  contactName: string;
+  contactEmail: string;
+  body?: string; // The new message content (description on create, comment body on reply)
+  category?: string;
+}): Promise<void> {
+  const adminEmail = process.env.ADMIN_NOTIFICATION_EMAIL;
+  if (!adminEmail) {
+    console.warn(
+      "ADMIN_NOTIFICATION_EMAIL not set; skipping admin support notification"
+    );
+    return;
+  }
+  const safeContact = escapeHtml(params.contactName);
+  const safeContactEmail = escapeHtml(params.contactEmail);
+  const safeTitle = escapeHtml(params.title);
+  const safeBody = params.body ? escapeHtml(params.body) : "";
+  const shortId = params.ticketId.slice(0, 8);
+
+  const subjectVerb = params.reason === "created" ? "New" : "Reply on";
+  const subject = `${ticketSubjectPrefix(params.ticketId)} ${subjectVerb}: ${params.title}`;
+
+  const headlineHtml =
+    params.reason === "created"
+      ? `<h2 style="color: #ffffff; margin-top: 0;">New support ticket</h2>`
+      : `<h2 style="color: #ffffff; margin-top: 0;">Customer replied on ticket</h2>`;
+
+  try {
+    await getTransporter().sendMail({
+      from: getFrom(),
+      to: adminEmail,
+      subject,
+      text: [
+        params.reason === "created"
+          ? "A new support ticket was opened:"
+          : "A customer replied to a support ticket:",
+        "",
+        `From:     ${params.contactName} <${params.contactEmail}>`,
+        `Ticket:   ${params.title} (#${shortId})`,
+        params.category ? `Category: ${params.category}` : "",
+        "",
+        params.body ? "Message:" : "",
+        params.body ?? "",
+        "",
+        `View at https://app.pieced.ch/support/${params.ticketId}`,
+      ]
+        .filter((s) => s !== "")
+        .join("\n"),
+      html: `
+        <div style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif; max-width: 560px; margin: 0 auto; color: #e0e0e0; background: #1a1a1a; padding: 32px; border-radius: 12px;">
+          ${headlineHtml}
+          <table style="width:100%; font-size: 13px; color: #aaa; margin-bottom: 16px;">
+            <tr><td style="padding: 4px 0; width: 100px;">From</td><td style="padding: 4px 0; color: #fff;">${safeContact} &lt;${safeContactEmail}&gt;</td></tr>
+            <tr><td style="padding: 4px 0;">Title</td><td style="padding: 4px 0; color: #fff;">${safeTitle} <span style="color: #666;">(#${shortId})</span></td></tr>
+            ${params.category ? `<tr><td style="padding: 4px 0;">Category</td><td style="padding: 4px 0; color: #fff;">${escapeHtml(params.category)}</td></tr>` : ""}
+          </table>
+          ${
+            params.body
+              ? `<div style="background: #2a2a2a; border-left: 3px solid #3b82f6; padding: 12px 16px; border-radius: 6px; margin: 16px 0; white-space: pre-wrap;">${safeBody}</div>`
+              : ""
+          }
+          <p>
+            <a href="https://app.pieced.ch/support/${params.ticketId}" style="display: inline-block; padding: 10px 24px; background: #3b82f6; color: #ffffff; text-decoration: none; border-radius: 8px; font-weight: 500;">
+              Open in admin queue
+            </a>
+          </p>
+          <hr style="border: none; border-top: 1px solid #333; margin: 24px 0;" />
+          <p style="color: #666; font-size: 12px;">PieCed IT — Admin notification</p>
+        </div>
+      `,
+    });
+  } catch (err) {
+    console.error("Failed to send admin support notification:", err);
+  }
+}
diff --git a/src/messages/de.json b/src/messages/de.json
index e7e4bd1..d8506bf 100644
--- a/src/messages/de.json
+++ b/src/messages/de.json
@@ -14,7 +14,8 @@
     "register": "Registrieren",
     "team": "Team",
     "settings": "Einstellungen",
-    "optional": "optional"
+    "optional": "optional",
+    "support": "Support"
   },
   "login": {
     "title": "PieCed Portal",
@@ -413,5 +414,48 @@
     "lastUpdated": "Zuletzt aktualisiert {when}",
     "fullName": "Voller Name",
     "notesPlaceholderPersonal": "Was wir wissen sollten — bevorzugte Zahlungsart, Rechnungsreferenz, etc."
+  },
+  "support": {
+    "title": "Support",
+    "subtitle": "Erstellen Sie ein Ticket, um eine Frage zu stellen, einen Fehler zu melden oder Feedback zu geben. Antworten gehen an Ihre registrierte E-Mail-Adresse.",
+    "titleAdmin": "Support-Warteschlange",
+    "subtitleAdmin": "Tickets aller Kunden, neueste Aktivität zuerst.",
+    "newTicket": "Neues Ticket",
+    "newTicketTitle": "Support-Ticket erstellen",
+    "newTicketSubtitle": "Erzählen Sie uns, was los ist. Je mehr Details, desto schneller können wir helfen.",
+    "empty": "Sie haben noch keine Tickets erstellt.",
+    "emptyAdmin": "Keine Support-Tickets in der Warteschlange.",
+    "fieldCategory": "Kategorie",
+    "fieldTitle": "Titel",
+    "fieldDescription": "Beschreibung",
+    "fieldStatus": "Status",
+    "titlePlaceholder": "Kurze Zusammenfassung Ihres Anliegens",
+    "descriptionPlaceholder": "Beschreiben Sie, was passiert ist, was Sie erwartet haben, und alle Fehlermeldungen.",
+    "descriptionHelp": "Sie können Fehlermeldungen und Logs einfügen. Bitte keine Passwörter oder andere Geheimnisse.",
+    "submitTicket": "Ticket senden",
+    "createFailed": "Ticket konnte nicht erstellt werden. Bitte erneut versuchen.",
+    "category_bug": "Fehler",
+    "category_feature_request": "Feature-Wunsch",
+    "category_question": "Frage",
+    "category_billing": "Abrechnung",
+    "category_other": "Sonstiges",
+    "status_open": "Offen",
+    "status_in_progress": "In Bearbeitung",
+    "status_waiting_for_customer": "Warten auf Ihre Antwort",
+    "status_resolved": "Erledigt",
+    "status_reopened": "Wieder geöffnet",
+    "openedBy": "Eröffnet von {name} am {when}",
+    "authorTagAdmin": "PieCed-Support",
+    "replyLabel": "Antwort hinzufügen",
+    "replyPlaceholder": "Ihre Nachricht…",
+    "replyPlaceholderReopen": "Antwort (dies öffnet das Ticket erneut)…",
+    "sendReply": "Antwort senden",
+    "commentFailed": "Antwort konnte nicht gesendet werden. Bitte erneut versuchen.",
+    "closeTicket": "Als erledigt markieren",
+    "confirmClose": "Dieses Ticket als erledigt markieren? Sie können es später durch eine Antwort wieder öffnen.",
+    "closeFailed": "Ticket konnte nicht geschlossen werden. Bitte erneut versuchen.",
+    "resolvedBanner": "Dieses Ticket ist erledigt. Antworten Sie unten, falls Sie nachfragen möchten — das öffnet es erneut.",
+    "adminControlsTitle": "Admin-Steuerung",
+    "updateFailed": "Änderungen konnten nicht gespeichert werden. Bitte erneut versuchen."
   }
 }
diff --git a/src/messages/en.json b/src/messages/en.json
index 4337f05..cfcc93a 100644
--- a/src/messages/en.json
+++ b/src/messages/en.json
@@ -14,7 +14,8 @@
     "register": "Register",
     "team": "Team",
     "settings": "Settings",
-    "optional": "optional"
+    "optional": "optional",
+    "support": "Support"
   },
   "login": {
     "title": "PieCed Portal",
@@ -413,5 +414,48 @@
     "lastUpdated": "Last updated {when}",
     "fullName": "Full name",
     "notesPlaceholderPersonal": "Anything we should know — preferred payment method, billing reference, etc."
+  },
+  "support": {
+    "title": "Support",
+    "subtitle": "Open a ticket to ask a question, report a bug, or share feedback. Replies will be sent to your registered email.",
+    "titleAdmin": "Support queue",
+    "subtitleAdmin": "Tickets across all customers, newest activity first.",
+    "newTicket": "New ticket",
+    "newTicketTitle": "Open a support ticket",
+    "newTicketSubtitle": "Tell us what's going on. The more detail you share, the faster we can help.",
+    "empty": "You haven't opened any tickets yet.",
+    "emptyAdmin": "No support tickets in the queue.",
+    "fieldCategory": "Category",
+    "fieldTitle": "Title",
+    "fieldDescription": "Description",
+    "fieldStatus": "Status",
+    "titlePlaceholder": "Short summary of what you need",
+    "descriptionPlaceholder": "Describe what happened, what you expected, and any error messages you saw.",
+    "descriptionHelp": "You can paste error messages and logs. Don't include passwords or other secrets.",
+    "submitTicket": "Submit ticket",
+    "createFailed": "Could not create ticket. Please try again.",
+    "category_bug": "Bug",
+    "category_feature_request": "Feature request",
+    "category_question": "Question",
+    "category_billing": "Billing",
+    "category_other": "Other",
+    "status_open": "Open",
+    "status_in_progress": "In progress",
+    "status_waiting_for_customer": "Awaiting your reply",
+    "status_resolved": "Resolved",
+    "status_reopened": "Reopened",
+    "openedBy": "Opened by {name} on {when}",
+    "authorTagAdmin": "PieCed support",
+    "replyLabel": "Add a reply",
+    "replyPlaceholder": "Your message…",
+    "replyPlaceholderReopen": "Reply (this will reopen the ticket)…",
+    "sendReply": "Send reply",
+    "commentFailed": "Could not send reply. Please try again.",
+    "closeTicket": "Mark as resolved",
+    "confirmClose": "Mark this ticket as resolved? You can reopen it later by replying.",
+    "closeFailed": "Could not close the ticket. Please try again.",
+    "resolvedBanner": "This ticket is resolved. Reply below if you need to follow up — that will reopen it.",
+    "adminControlsTitle": "Admin controls",
+    "updateFailed": "Could not save changes. Please try again."
   }
 }
diff --git a/src/messages/fr.json b/src/messages/fr.json
index e2c31ec..18b5046 100644
--- a/src/messages/fr.json
+++ b/src/messages/fr.json
@@ -14,7 +14,8 @@
     "register": "S'inscrire",
     "team": "Équipe",
     "settings": "Paramètres",
-    "optional": "facultatif"
+    "optional": "facultatif",
+    "support": "Support"
   },
   "login": {
     "title": "Portail PieCed",
@@ -413,5 +414,48 @@
     "lastUpdated": "Dernière mise à jour {when}",
     "fullName": "Nom complet",
     "notesPlaceholderPersonal": "Tout ce que nous devons savoir — moyen de paiement préféré, référence de facturation, etc."
+  },
+  "support": {
+    "title": "Support",
+    "subtitle": "Ouvrez un ticket pour poser une question, signaler un bug ou partager un commentaire. Les réponses seront envoyées à l'adresse e-mail enregistrée.",
+    "titleAdmin": "File d'attente du support",
+    "subtitleAdmin": "Tickets de tous les clients, activité la plus récente en premier.",
+    "newTicket": "Nouveau ticket",
+    "newTicketTitle": "Ouvrir un ticket de support",
+    "newTicketSubtitle": "Dites-nous ce qui se passe. Plus vous donnez de détails, plus nous pouvons aider rapidement.",
+    "empty": "Vous n'avez pas encore ouvert de ticket.",
+    "emptyAdmin": "Aucun ticket de support dans la file d'attente.",
+    "fieldCategory": "Catégorie",
+    "fieldTitle": "Titre",
+    "fieldDescription": "Description",
+    "fieldStatus": "Statut",
+    "titlePlaceholder": "Bref résumé de votre besoin",
+    "descriptionPlaceholder": "Décrivez ce qui s'est passé, ce que vous attendiez et tout message d'erreur observé.",
+    "descriptionHelp": "Vous pouvez coller des messages d'erreur et des logs. Pas de mots de passe ni d'autres secrets.",
+    "submitTicket": "Envoyer le ticket",
+    "createFailed": "Impossible de créer le ticket. Veuillez réessayer.",
+    "category_bug": "Bug",
+    "category_feature_request": "Demande de fonctionnalité",
+    "category_question": "Question",
+    "category_billing": "Facturation",
+    "category_other": "Autre",
+    "status_open": "Ouvert",
+    "status_in_progress": "En cours",
+    "status_waiting_for_customer": "En attente de votre réponse",
+    "status_resolved": "Résolu",
+    "status_reopened": "Rouvert",
+    "openedBy": "Ouvert par {name} le {when}",
+    "authorTagAdmin": "Support PieCed",
+    "replyLabel": "Ajouter une réponse",
+    "replyPlaceholder": "Votre message…",
+    "replyPlaceholderReopen": "Réponse (cela rouvrira le ticket)…",
+    "sendReply": "Envoyer la réponse",
+    "commentFailed": "Impossible d'envoyer la réponse. Veuillez réessayer.",
+    "closeTicket": "Marquer comme résolu",
+    "confirmClose": "Marquer ce ticket comme résolu ? Vous pourrez le rouvrir plus tard en répondant.",
+    "closeFailed": "Impossible de fermer le ticket. Veuillez réessayer.",
+    "resolvedBanner": "Ce ticket est résolu. Répondez ci-dessous si vous avez besoin d'un suivi — cela le rouvrira.",
+    "adminControlsTitle": "Contrôles admin",
+    "updateFailed": "Impossible d'enregistrer les modifications. Veuillez réessayer."
   }
 }
diff --git a/src/messages/it.json b/src/messages/it.json
index cf91aee..80b870f 100644
--- a/src/messages/it.json
+++ b/src/messages/it.json
@@ -14,7 +14,8 @@
     "register": "Registrati",
     "team": "Team",
     "settings": "Impostazioni",
-    "optional": "facoltativo"
+    "optional": "facoltativo",
+    "support": "Supporto"
   },
   "login": {
     "title": "Portale PieCed",
@@ -413,5 +414,48 @@
     "lastUpdated": "Ultimo aggiornamento {when}",
     "fullName": "Nome completo",
     "notesPlaceholderPersonal": "Qualsiasi cosa dovremmo sapere — metodo di pagamento preferito, riferimento per fatturazione, ecc."
+  },
+  "support": {
+    "title": "Supporto",
+    "subtitle": "Apri un ticket per fare una domanda, segnalare un bug o condividere un feedback. Le risposte verranno inviate alla tua email registrata.",
+    "titleAdmin": "Coda supporto",
+    "subtitleAdmin": "Ticket di tutti i clienti, attività più recente per prima.",
+    "newTicket": "Nuovo ticket",
+    "newTicketTitle": "Apri un ticket di supporto",
+    "newTicketSubtitle": "Raccontaci cosa succede. Più dettagli ci dai, più velocemente possiamo aiutarti.",
+    "empty": "Non hai ancora aperto ticket.",
+    "emptyAdmin": "Nessun ticket di supporto in coda.",
+    "fieldCategory": "Categoria",
+    "fieldTitle": "Titolo",
+    "fieldDescription": "Descrizione",
+    "fieldStatus": "Stato",
+    "titlePlaceholder": "Breve riassunto della tua richiesta",
+    "descriptionPlaceholder": "Descrivi cosa è successo, cosa ti aspettavi e qualsiasi messaggio d'errore visto.",
+    "descriptionHelp": "Puoi incollare messaggi d'errore e log. Niente password o altri segreti.",
+    "submitTicket": "Invia ticket",
+    "createFailed": "Impossibile creare il ticket. Riprova.",
+    "category_bug": "Bug",
+    "category_feature_request": "Richiesta funzionalità",
+    "category_question": "Domanda",
+    "category_billing": "Fatturazione",
+    "category_other": "Altro",
+    "status_open": "Aperto",
+    "status_in_progress": "In corso",
+    "status_waiting_for_customer": "In attesa della tua risposta",
+    "status_resolved": "Risolto",
+    "status_reopened": "Riaperto",
+    "openedBy": "Aperto da {name} il {when}",
+    "authorTagAdmin": "Supporto PieCed",
+    "replyLabel": "Aggiungi una risposta",
+    "replyPlaceholder": "Il tuo messaggio…",
+    "replyPlaceholderReopen": "Risposta (questo riaprirà il ticket)…",
+    "sendReply": "Invia risposta",
+    "commentFailed": "Impossibile inviare la risposta. Riprova.",
+    "closeTicket": "Segna come risolto",
+    "confirmClose": "Segnare questo ticket come risolto? Potrai riaprirlo in seguito rispondendo.",
+    "closeFailed": "Impossibile chiudere il ticket. Riprova.",
+    "resolvedBanner": "Questo ticket è risolto. Rispondi qui sotto se hai bisogno di un seguito — questo lo riaprirà.",
+    "adminControlsTitle": "Controlli admin",
+    "updateFailed": "Impossibile salvare le modifiche. Riprova."
   }
 }
diff --git a/src/types/index.ts b/src/types/index.ts
index 35b9a9d..a27e7cd 100644
--- a/src/types/index.ts
+++ b/src/types/index.ts
@@ -322,3 +322,74 @@ export interface OnboardingInput {
   billingAddress?: BillingAddress;
   billingNotes?: string;
 }
+
+// ---------------------------------------------------------------------------
+// Feature 5: support tickets (lightweight customer support / feedback channel)
+// ---------------------------------------------------------------------------
+
+export type SupportTicketCategory =
+  | "bug"
+  | "feature_request"
+  | "question"
+  | "billing"
+  | "other";
+
+export type SupportTicketStatus =
+  | "open" // new, awaiting first admin response
+  | "in_progress" // admin is actively working on it
+  | "waiting_for_customer" // admin replied, customer's turn
+  | "resolved" // closed
+  | "reopened"; // customer replied to a resolved ticket → flipped back
+
+/**
+ * Tickets are scoped strictly per-user, not per-org. A customer's
+ * coworkers (even within the same org) cannot see each other's
+ * tickets — confirmed design choice from Feature 5 discussion. This
+ * is enforced both at the DB query layer (filter by zitadel_user_id)
+ * and at the API layer (authorization checks).
+ *
+ * `contactEmail` and `contactName` are frozen at creation time so
+ * the email-thread reply addresses still work after a user changes
+ * their display name or email in ZITADEL. Standard ticketing pattern.
+ */
+export interface SupportTicket {
+  id: string;
+  zitadelOrgId: string;
+  zitadelUserId: string;
+  title: string;
+  description: string;
+  category: SupportTicketCategory;
+  status: SupportTicketStatus;
+  contactEmail: string;
+  contactName: string;
+  createdAt: string;
+  updatedAt: string;
+}
+
+export type SupportTicketCommentAuthorKind = "customer" | "admin";
+
+/**
+ * Comment on a support ticket. Public (visible to both ends) — no
+ * internal-notes feature in v1. `authorKind` drives styling (customer
+ * vs admin bubble) and which email goes out.
+ *
+ * `authorName` is frozen at write time. If a user later changes their
+ * display name, old comments still render with the name they had at
+ * the time of writing — which is what you usually want for an audit
+ * trail of conversations.
+ */
+export interface SupportTicketComment {
+  id: string;
+  ticketId: string;
+  authorUserId: string;
+  authorName: string;
+  authorKind: SupportTicketCommentAuthorKind;
+  body: string;
+  createdAt: string;
+}
+
+/** Detail view: the ticket plus its full chronological comment thread. */
+export interface SupportTicketDetail {
+  ticket: SupportTicket;
+  comments: SupportTicketComment[];
+}