Your organization can grant Vault access to external users, such as the members of a regulatory agency, to comply with an investigation or audit. Your G Suite administrator must first add these users to your domain in the Admin console and give them privileges to search in Vault, view reports, or other tasks. As a Vault administrator, you must then inform these users that they can access Vault.
For the G Suite administrator
To grant access and assign Vault privileges to external users:
- Sign in to the Admin console.
- Create a new organizational unit for external users.
- Turn services on or off (for example, Gmail) for this organizational unit as required.
- Add external users to this organizational unit.
For example, if you want email@example.com, an external investigator, to access Vault, you can add her as sarah-solarmora@your_domain.com.
Note: If you're using Directory Sync to manage your users, you must add external users to your LDAP directory or to Directory Sync so that they aren't automatically removed during synchronization.
- Create a new admin role with the required Vault privileges.
- Assign the admin role to external users as needed.
These external users do not require a Vault license.
For the Vault administrator
To help external users get started in Vault:
- Get usernames and passwords from the G Suite administrator (created in step 4 above). External users enter these sign-in credentials to access Vault.
- Give these credentials to external users.
- Tell these users where to sign in to Vault.