# Users

To unlock all dope features, there are two easy steps:

1. **Enable Endpoint Authentication:** Forces users to authenticate with corporate accounts before they can access the Internet and automatically applies correct web security policy
2. **User & Group Import:** Allows for User/Group-based policies, and for analytics

## Endpoint Authentication

This is a one-time authentication for end-users. We do not prompt for re-authentication unless a device has been [dormant for 30 days](#user-content-fn-1)[^1].

<table data-header-hidden><thead><tr><th width="146"></th><th></th></tr></thead><tbody><tr><td>Windows</td><td>Windows users will receive a notification in the lower-right to authenticate. If they do not, web traffic will be blocked (<a data-footnote-ref href="#user-content-fn-2">unless bypassed</a>), and users will be prompted to authenticate</td></tr><tr><td>Mac</td><td>Mac users will receive a pop-up. If this window is closed, it will automatically reopen to prompt the user to authenticate. Web traffic will be blocked (unless bypassed), until this is complete</td></tr></tbody></table>

## User & Group Import

{% hint style="info" %}
See [Import User and Group Data](/introducing-dope.swg/quick-start-guide/import-user-and-group-data.md) for a more detailed breakdown.
{% endhint %}

The Google or Microsoft 365 admin must authorize access to the users and groups for the import. Once authenticated, dope.security will import your users and groups.

{% hint style="warning" %}
Special steps are required on Google (See [Importing from Google](/dope.console/settings/users/importing-from-google.md)).
{% endhint %}

{% hint style="warning" %}
Azure / Microsoft Entra Security Groups are not currently supported for policy assignment and exceptions in dope.console
{% endhint %}

Every 15 minutes, all user & group updates are automatically synchronized. i.e. any employee who joins, leaves, or changes groups will automatically update

<figure><img src="/files/z0oHRjBtNoeK06y9ENmY" alt=""><figcaption><p>Click &#x26; save to enable SSO</p></figcaption></figure>

{% hint style="danger" %}
Without importing users and groups into the console, the following functionality will not be available:

* Custom Policies
* Policy Exceptions
* Shadow IT & Productivity Analytics
  {% endhint %}

[^1]: Devices move from Active -> Dormant if offline for 7 days.

[^2]: Application/domain bypasses will not be impacted by this.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://inflight.dope.security/dope.console/settings/users.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.