Difficult Managing App Users in Admin Console
We've already purchased EKM and would like these app users to be managed within their main enterprise account so that they can own the encryption keys.
If Box were to create the App users under their main enterprise account, this would adversely affect the ongoing administration of the core Box experience.
For example, app users would appear in the same tab as managed users. The admin event feed would also be capturing all the interactions of the 10,000 additional app users.
We have strong concerns that the addition of the 10,000 app users will make it difficult for us to conduct normal administration of our core box instance. However, we don't want to purchase a second instance of Box EKM just to accommodate the additional app users. EKM is necessary to control the encryption of this content at rest due to the requirements in our industry.
Separate App Users from Managed Users in the Admin Console to prevent confusion for Box Admins (and inadvertent deletion of users).
Provide some sort of filter or flag in the admin events stream that makes it easy to filter the App User events from the managed user events.
App users and managed users are now separated in the Admin Console. App users are hidden by default but may be viewed by switching filters within the Admin Console. See this post for more details: https://community.box.com/t5/Box-Product-Updates/App-Users-Filter-in-Users-amp-Groups-Tab/idi-p/67874
The separate request to provide a filter in the Admin event stream has been logged as a separate idea here: https://pulse.box.com/forums/909778/suggestions/37027681
Adminkatiele (Product Manager, Box) commented
We added a filter for app users to the Managed Users tab. https://community.box.com/t5/Box-Product-Updates/App-Users-Filter-in-Users-amp-Groups-Tab/idi-p/67874