we need to grant some IT colleagues access to our Sandbox for testing purposes but we don't want to enable them to log in to the Production environment.
Is it possible, or does anybody know a workaround?
Thank you in advance!
Topics help categorize Community content and increase your ability to discover relevant content.
You'll have to create their account in Sandbox. It will be overwritten each time you refresh so you'll have to remember to re-create it after each refresh.
For a quick peek, you could simply change your password in Sandbox and let them log in as you: if they try to Go To Production, they’ll be prompted for your real password (but not know it).
If this is an ongoing need, you can also create their user on Production (so it will automatically be cloned to Sandbox each weekend), but with no Access Level (and/or marked as not active). On weeks they need access, you (as SysAdmin) need only log into Sandbox and assign the appropriate Access Level (even SysAdmin) and/or Activate them.
I know this is an older question, but the way I do this in our environments is to create the account in Prod with whatever the permissions should be in the sandbox and then immediately disable the Prod account. I post an update in the Prod account explaining that it should never been enabled for real use, so I remember 6 months from now why it exists.
Then everytime the sandbox refreshes, all I have to do is go turn their account back on there.
As someone else said, you can just create the account directly in the sandbox, but then you have to fully re-create it after every refresh.