Allow an external user to access Vault
Your organization can grant Vault access to external users, such as the members of a regulatory agency, to comply with an investigation or audit. Your Google Workspace administrator must first add these users to your organization in the Admin console and give them privileges to search in Vault, view reports, or other tasks. You must then inform the external users that they can access Vault with those accounts.
For the Google Workspace administrator
To grant access and assign Vault privileges to external users:
- Sign in to the Admin console.
- Create a new organizational unit for external users.
- Turn services on or off (for example, Gmail) for this organizational unit as required.
- Add external users to this organizational unit.
For example, if you want firstname.lastname@example.org, an external investigator, to access Vault, you can add her as sarah-solarmora@your_domain.com.
Note: If you're using Directory Sync to manage your users, you must add external users to your LDAP directory or to Directory Sync so that they aren't automatically removed during synchronization.
- Create a new admin role with the required Vault privileges.
- Assign the admin role to external users as needed.
These external users do not require a Vault license.
For the Vault user
To help external users get started in Vault:
- Get usernames and passwords from the Google Workspace administrator (created in step 4 above). External users enter these sign-in credentials to access Vault.
- Give these credentials to external users.
- Tell these users where to sign in to Vault.