π Looking for our Indigo SSO documentation? Check out this directory. π
Overview
Integrating Single Sign-On (SSO) can indeed be complex, involving configurations across multiple platforms. The last thing you want is to encounter error screens during such a sophisticated integration process.
This is our troubleshooting guide, offering clear solutions to common problems. It's our way of helping you navigate through any difficulties you may encounter.
Have a burning question?
Using this Troubleshooter
Errors can crop up for both users during login and IT admins during various configuration stages. When they occur, the majority of the errors listed under this section will appear at the bottom right corner of your screen, or take you to the OOPS! screen below.
To identify the error you encountered from the OOPS! screen, read the error description. You'll find it displayed in red beside the Help me! button. To learn the reason behind the error and find the fix, match the error to its corresponding entry in the table of contents' list of errors.
Typically, only IT administrators hold the authority to resolve these issues.
If you're a regular user, we highly recommend reaching out to your company's IT department and sharing with them the specific error you encountered, and this guide's URL for assistance.
Errors: Why they happen and how to fix them
This tenant has not yet enabled SSO authentication. Kindly contact your IT Administrator, and try again once SSO has been enabled.
Why did this happen?
This error occurs when setup has been configured, but SSO logins have not yet been enabled from the Indigo Platform.
How do I fix it?
To resolve this, from Indigo, navigate to Administration > Main > Settings and ensure that the Enable SSO box is checked.
The domain [name of domain you inserted] is not allowed to log in to Indigo. Kindly contact your IT Administrator, and try again once the domain has been set up and verified.
Why did this happen?
This error is displayed to users attempting to log in when the Identity Provider (IdP) setup hasn't been completed, and the TXT record verification is pending.
How do I fix it?
To address this issue, the IT admin needs to complete all of step 1 in the IdP setup, specifically where they insert the key into the TXT record.
Indigo Suite group was not found in your Microsoft Entra ID Groups. Kindly ensure that this has been properly set up or contact Shireburn Support for further assistance.
Why did this happen?
This error arises when there's an issue with the user group in your Microsoft Entra ID. This could be due to spelling mistakes in the security group name, the group not having been set up properly, or at all.
How do I fix it?
To resolve this, configure your security group following these instructions. Ensure that the group is named accurately as Indigo Suite without any errors.
User [name] was not found in the group Indigo Suite. Kindly ensure that this user is included in this group to grant access to Indigo.
Why did this happen?
This error occurs either during the setup process or directly from the Administration > Main > Users screen when attempting to set up a user within Indigo who is not found in your Entra ID security group.
How do I fix it?
To fix this issue, ensure that the missing user is added to the Indigo Suite security group in your Microsoft Entra ID tenant.
Your tenant has multiple companies assigned to it. Kindly contact your IT Administrator to set your user to a company to be able to log in.
Why did this happen?
This error occurs when a new user attempts to log in before the IT admin has linked their Microsoft Entra ID user to their Indigo user account. This situation can only arise in environments where there is more than one company on the tenant, because otherwise, the user would be linked automatically.
How do I fix it?
To address this, the IT admin needs to finalise the setup for the employee's user, which includes configuring the User Mapping. Shireburn Support is unable to resolve this; it's essential for the IT admin to take action and set up the user with one of the tenant's companies.
If you're configuring Indigo SSO for the first time on your tenant, check out these instructions below.
If Indigo SSO is already configured on your tenant and you're simply adding one or a few employee user accounts (like in the case of new hires), follow these instructions for the manual methods.
No company has been set up to be assigned to these users. Kindly set up one or more companies to be assigned to the new users and try again.
Why did this happen?
This issue arises when a user tries to log in with a user account from the Microsoft Entra ID security group, but no companies are registered on the Indigo tenant. To log in with Indigo SSO, users must be linked to a registered company.
How do I fix it?
To resolve this, register at least one company and manually link the user to it. For more information on Companies in Indigo, click here.
Username [user@domain.com] already exists. This email address [user@domain.com] already belongs to another user.
(User Provisioning Error specific OOPS! screen)
Why did this happen?
The issue occurs when attempting to link a user, who appears as unlinked in the User Mapping grid, to a username or email address that is already in use.
How do I fix it?
You have the option to leave the user's entry blank and continue, allowing Indigo to automatically create a new user, or you can manually unlink the currently linked username and then associate it with the correct user if the email address is being used incorrectly.
The user {username} could not be created because that username is already in use.
Why did this happen?
This error indicates that, during the Provisioning (User Mapping) process, Indigo found an existing local user for a given employee.
How do I fix it?
This error is unlikely to occur. It is primarily designed to cover all bases. This is because Indigo SSO has been programmed to immediately connect a new employee with their local user should it identify an existing one for them.
You cannot log in because your tenant requires SSO authentication. Please use your SSO credentials to access your account.
(Login screen)
Why did this happen?
This error occurs for users within a domain that has the Enforce SSO setting activated. It will be encountered when such users attempt to log in to Indigo using methods other than SSO.
How do I fix it?
The employee needs to use their SSO credentials as set up by their IT admin to log in. If none have been provided, or they do not work, the IT admin needs to ensure that the employee has been properly configured within the Indigo Suite Security group in Entra ID.
Client Secret is not the expected length. A client secret needs to be 40 characters long.
(IdP Setup Wizard or Edit screen)
Why did this happen?
This error occurs either during the initial phases of the IdP configuration in Indigo, or when editing an expired client secret.
How do I fix it?
A typical client secret generated in Microsoft Entra ID contains 40 characters. Ensure that you input the correct client secret during setup or when editing an expired secret.
There is an insufficient amount of Enterprise Pack licenses for your tenant. / The Enterprise Pack module is not available for your tenant. Kindly contact your IT Administrator for support.
Why did this happen?
These are two very similar issues that arise when you either don't have enough Enterprise Pack Licenses, or none at all.
How do I fix it?
Clients with Administrator permissions can buy the required licenses from Administration > Licensing > Purchase Additional Licenses.