Skip to main content

Central sandbox and Developer sandbox refresh

Zuora

Central sandbox and Developer sandbox refresh

This document explains the changes to user access in the central sandbox (CSBX) and developer sandbox(DSBX) environments post refresh process after integrating with Zuora OneID. It outlines how the CSBX refresh process affects user accounts, access roles, and administrative actions in various scenarios. Key differences between behavior before and after OneID implementation are highlighted to guide administrators in managing user access effectively.

 

Use Case Before OneID With OneID Admin Actions
Users have access to the Production Tenant but not CSBX Users with access to the Production tenant did not have access to CSBX.
  • Refresh process copies user accounts from the Production tenant to CSBX as new accounts.
  • Existing user accounts in CSBX are erased.
  • New user accounts are created in CSBX with roles defined in the Production tenant.
  • Users now see a new CSBX tile in MyApps.
  1. Direct Tenant Access: Turn off the toggle in OneID user details page to revoke CSBX access.
     
  2. Group Provisioning Mode:
  • No changes required.
  • Users won’t see the CSBX tile in MyApps, but their accounts in CSBX remain active.
Users have access to only CSBX User access was retained in CSBX during the refresh process.
  • Refresh process erases all existing user accounts in CSBX.
  • Users lose access to CSBX.
  • Admins must recreate or update user accounts locally in CSBX or via OneID.
  1. Direct Tenant Access: Turn on the toggle in OneID user details page to re-enable CSBX access.
     
  2. Group Provisioning Mode: Re-sync the group to restore CSBX access for impacted users.
Users have access to both Production and CSBX tenants but with different roles User roles in CSBX were independent of roles in the Production tenant.
  • Refresh process erases all existing user accounts in CSBX.
  • User accounts from Production are copied to CSBX, along with their roles.
  • Roles in CSBX are overwritten with those from Production.
  • Admins must manually reassign roles locally in CSBX if different roles are required.
  1. Direct Tenant Access: No action required. When users click the CSBX tile in MyApps, their roles align automatically with those defined in OneID.
     
  2. Group Provisioning Mode: No additional action needed; roles sync automatically.

For more information on data being scrubbed during the CSBX and Developer Sandbox refresh process, refer to this document