Configure Dialpad Sandbox auto-provisioning

Once you set up single sign-On (SSO), your next step as an administrator is to set up automated user provisioning. This lets you authorize, create, modify, or delete your user's identity once in G Suite. You can also see identity changes reflected in Dialpad Sandbox.

Get the Dialpad Sandbox API key
  1. Sign in to your Dialpad Sandbox application as an administrator.
  2. Navigate to Admin Settings and then My Company and then Authentication and then API Keys.
  3. Click Show value to display the DialpadSandbox API key.
  4. Copy and save the key.
Set up auto-provisioning for the Dialpad Sandbox application
  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Appsand thenSAML apps.
  3. Open the Dialpad Sandbox application.
  4. In the Auto-provisioning section, click Configure auto-provisioning.
  5. Enter the API key you copied from Dialpad Sandbox.
  6. Click Continue.
  7. Verify that all mandatory Dialpad Sanbox attributes (those marked with an *) are mapped to Google Cloud Directory attributes. If not, click the Down arrow "" and map to the appropriate attribute.
  8. Click Continue.
  9.  (Optional) Restrict provisioning to specific groups:
    1. Enter all or part of a group name in the Search groups field.
      A list of available groups appears. Select a group to add it and open a new search field.
    2. If necessary, add more groups and choose a scope. 
    3. To remove any group you added, click  next to it.
  10. Once you’re done, click Continue.
  11. Choose how long deprovisioning actions should be delayed before taking effect. The amount of time before deprovisioning takes effect can be set to: within 24 hours or after one, 7, or 30 days. Select at least one of these options:
    • When an app is turned off for the user, suspend their account, soft delete their account, or both, after [number of days]. 
      • A suspended account is temporarily unavailable until it's restored.
      • A soft deleted account can be restored without data loss up to 7 days after deletion.
    • When a user is suspended on Google, suspend their account, soft delete their account, or both, after [number of days].
    • When a user is deleted from Google, suspend their account, soft delete their account, or both, after [number of days].

      Tip: Always set more time before hard deleting a user's account than for suspending a user's account.
  12. Click Finish.
  13. In the Auto-provisioning section, click the activation slider.
     

    Note: The activation slider is disabled if Dialpad Sandbox isn’t turned on for any users. Click User access and turn the app on to enable the slider.

  14. In the confirmation dialog box, click Turn on.
Display auto-provisioning

Once provisioning is on, Google starts collecting usage information. You'll see the usage information in the Auto-provisioning section. There won't be any numbers next to the event names until you enable provisioning.

The following event names provide the usage information for the last 30 days:

  • Users created
  • Users suspended
  • Users deleted
  • Failures

For more information, see Monitor automated user provisioning.

Edit provisioning scope

You may want to restrict the scope of provisioning to members of groups you define. 

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Appsand thenSAML apps.
  3. Open the Dialpad Sandbox application.
  4. Click the Auto-provisioning section to open the settings page.
  5. Under Provisioning scope, click Edit.
  6. Enter all or part of a group name in the Search groups field. A list of available groups appears.
    1. Select a group to add it and open a new search field.
    2. If necessary, add more groups and choose a scope. 
    3. To remove any group you added, click  next to it.
  7. Once you’re done, click Update.

The next time you edit provisioning scope, the groups you added appear in the Provisioning scope window. If you turned on the Dialpad Sandbox application for a set of organizational units, the provisioning scope is restricted to those users in the added groups who are also members of those organizations.

Deactivate auto-provisioning

To disable auto-provisioning for the Dialpad Sandbox application without losing all the configuration information:

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Appsand thenSAML apps.
  3. Open the Dialpad Sandbox application.
  4. Do one of the following:
    • In the Auto-provisioning section, click the activation slider.
    • Click the Auto-provisioning section to open the settings page, then click Statusand thenTurn off.
  5. In the confirmation dialog box, click Turn off
Define deprovisioning time frames

To define how long deprovisioning actions should be delayed before taking effect:

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Appsand thenSAML apps.
  3. Open the Dialpad Sandbox application.
  4. Click the Auto-provisioning section to open the settings page.
  5. Under Deprovisioning, click Edit.
  6. Choose how long deprovisioning actions should be delayed before taking effect. The amount of time before deprovisioning takes effect can be set to: within 24 hours or after one, 7, or 30 days. Select at least one of these options:
    • When an app is turned off for the user, suspend their account, soft delete their account, or both, after [number of days]. 
      • A suspended account is temporarily unavailable until it's restored.
      • A soft deleted account can be restored without data loss up to 7 days after deletion.
    • When a user is suspended on Google, suspend their account, soft delete their account, or both, after [number of days].
    • When a user is deleted from Google, suspend their account, soft delete their account, or both, after [number of days].

      Tip: Always set more time before hard deleting a user's account than for suspending a user's account.
  7. Click Save to save your edited deprovisioning configuration.
Remove auto-provisioning

To disable auto-provisioning for the Dialpad Sandbox application and remove all the configuration information:

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Appsand thenSAML apps.
  3. Open the Dialpad Sandbox application.
  4. Click the Auto-provisioning section to open the settings page.
  5. Under Delete configuration, click Delete.
  6. Click Delete to both deactivate auto-provisioning and remove all the configuration information.
    Existing users on Dialpad Sandbox will not be deprovisioned.
Important: If automatic provisioning stops and you need to reauthorize the application

If the admin password for Dialpad Sandbox has changed, automatic provisioning will stop working. In this case, the original authorization is revoked by Dialpad Sandbox, and you must reauthorize automatic provisioning.

  1. Follow the steps in Get the Dialpad Sandbox API key, above, to get a new access token from Dialpad Sandbox.
  2. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  3. From the Admin console Home page, go to Appsand thenSAML apps.
  4. Click the Dialpad Sandbox application.
  5. Click the Auto-provisioning section to open the settings page.
  6. Under App authorization, click Reauthorize.
  7. Enter your Dialpad Sandbox access token, then click Re-authorize.

After reauthorization completes, you're returned to the Auto-provisioning settings page in the Admin console.

Note: Your third-party application might revoke authorization for reasons other than the admin password changing. These reasons can include account inactivity, for example. Check with the documentation for the third-party application for scenarios in which authorization can be revoked.

Was this helpful?
How can we improve it?