Password changes through Provisioning API lock out our "Wallet" merchant admins

[Dave Engberg]

My company is both a Google Apps customer and also a merchant that sells services through Google Wallet's recurring payment gateway.

We have a set of employees who can access our Google Wallet merchant account through the web. (We only use Google Wallet as a merchant ... individual employees don't purchase goods through Google Wallet.)

We are trying to implement central password management using the Google Provisioning API. So a user can choose a password in one place that is pushed to Google, pushed to our VPNs and WiFi network, etc.

Our system sets the Google Apps user password through the API, and this works fine for email, calendaring, etc.

Unfortunately, whenever we use the Provisioning API or tools to set a password on an account, the Google Wallet account for that user is suspended.

When the employee tries to access the Wallet merchant UI, they see a page that says the account was "suspended as a precautionary measure ... because Google detected that an administrator at your organization initiated a password reset for your email addres."

This requires a tedious reinstatement process every time it happens. The suggested resolution to avoid this ("sign up with a personal email address") is inappropriate for our business.

Is there any way to use the Provisioning API without breaking the Wallet merchant UI?