Skip to main content
Indigo SSO: Troubleshooting

Explore our troubleshooting guide for clear solutions to common Indigo SSO issues, helping you overcome challenges effortlessly.

Matthew Calleja avatar
Written by Matthew Calleja
Updated over 2 months ago

πŸ“š Looking for our Indigo SSO documentation? Check out this directory. πŸ“š


Overview

Integrating Single Sign-On (SSO) can indeed be complex, involving configurations across multiple platforms. The last thing you want is to encounter error screens during such a sophisticated integration process.

This is our troubleshooting guide, offering clear solutions to common problems. It's our way of helping you navigate through any difficulties you may encounter.

Have a burning question?


Using this Troubleshooter

Errors can crop up for both users during login and IT admins during various configuration stages. When they occur, the majority of the errors listed under this section will appear at the bottom right corner of your screen, or take you to the OOPS! screen below, with very few exceptions.

To identify the error you have just encountered, match its description to its corresponding entry in the table of contents' list of errors. Note: in the OOPS! screen, the description is displayed in red beside the Help me! button.

Typically, only IT admins have the required system privileges to resolve these issues. If you're a regular Indigo user, we highly recommend reaching out to your company's IT department and providing them with:

Errors: Why they happen and how to fix them

This tenant has not yet enabled SSO authentication. Kindly contact your IT Administrator, and try again once SSO has been enabled.

Why did this happen?

This error occurs when setup has been configured, but SSO logins have not yet been enabled from the Indigo Platform.

How do I fix it?

To resolve this, from Indigo, navigate to Administration > Main > Settings and ensure that the Enable SSO box is checked.


The domain [name of domain you inserted] is not allowed to log in to Indigo. Kindly contact your IT Administrator, and try again once the domain has been set up and verified.

Why did this happen?

This error is displayed to users attempting to log in when the Identity Provider (IdP) setup hasn't been completed, and the TXT record verification is pending.

How do I fix it?

To address this issue, the IT admin needs to complete all of step 1 in the IdP setup, specifically where they insert the key into the TXT record.


The specified security group was not found in your Microsoft Entra ID Groups. Kindly ensure that this has been properly set up or contact Shireburn Support for further assistance.

Why did this happen?

This error arises when there's an issue with the user group in your Microsoft Entra ID. This could be due to spelling mistakes in the security group name, the group not having been set up properly, or at all.

How do I fix it?

To resolve this, configure your security group following these instructions. Ensure that the group in your tenant is named exactly as specified in the Group Name field during setup.


User [name] was not found in the specified security group. Kindly ensure that this user is included in this group to grant access to Indigo.

Why did this happen?

This error occurs either during the setup process or directly from the Administration > Main > Users screen when attempting to set up a user within Indigo who is not found in your Entra ID security group.

How do I fix it?

To fix this issue, ensure that the missing user is added to the security group specified during setup in your Microsoft Entra ID tenant.


No company has been set up to be assigned to these users. Kindly set up one or more companies to be assigned to the new users and try again.

Why did this happen?

This issue arises when a user tries to log in with a user account from the Microsoft Entra ID security group, but no companies are registered on the Indigo tenant. To log in with Indigo SSO, users must be linked to a registered company.

How do I fix it?

To resolve this, register at least one company and manually link the user to it. For more information on Companies in Indigo, click here.


Username [user@domain.com] already exists. This email address [user@domain.com] already belongs to another user.

Why did this happen?

The issue occurs when attempting to link a user, who appears as unlinked in the User Mapping grid, to a username or email address that is already in use.

How do I fix it?

You have the option to leave the user's entry blank and continue, allowing Indigo to automatically create a new user, or you can manually unlink the currently linked username and then associate it with the correct user if the email address is being used incorrectly.


The user {username} could not be created because that username is already in use.

Why did this happen?

This error indicates that, during the Provisioning (User Mapping) process, Indigo found an existing local user for a given employee.

How do I fix it?

This error is unlikely to occur. It is primarily designed to cover all bases. This is because Indigo SSO has been programmed to immediately connect a new employee with their local user should it identify an existing one for them.


You cannot log in because your tenant requires SSO authentication. Please use your SSO credentials to access your account.

Why did this happen?

This error occurs for users within a domain that has the Enforce SSO setting activated. It will be encountered when such users attempt to log in to Indigo using methods other than SSO.

How do I fix it?

The employee needs to use their SSO credentials as set up by their IT admin to log in. If none have been provided, or they do not work, the IT admin needs to ensure that the employee has been properly configured within the security group in Entra ID that was specified during setup in Indigo.


Client Secret is not the expected length. A client secret needs to be 40 characters long.

Why did this happen?

This error occurs either during the initial phases of the IdP configuration in Indigo, or when editing an expired client secret.

How do I fix it?

A typical client secret generated in Microsoft Entra ID contains 40 characters. Ensure that you input the correct client secret during setup or when editing an expired secret.


There is an insufficient amount of Enterprise Pack licenses for your tenant. / The Enterprise Pack module is not available for your tenant. Kindly contact your IT Administrator for support.

Why did this happen?

These are two very similar issues that arise when you either don't have enough Enterprise Pack Licenses, or none at all.

How do I fix it?

Clients with Administrator permissions can buy the required licenses from Administration > Licensing > Purchase Additional Licenses.


This user does not have access to one or more companies. Please notify the administrator to resolve the issue.

Why did this happen?

This error occurs when an employee tries to log in but their linked user does not have access to one or more companies that they are assigned to.

How do I fix it?

In Indigo, you can set up users with multiple companies. To grant access:

  1. Go to Administration > Main > Users.

  2. Click the required user.

  3. Click Edit (✏️ button in the toolbar).

  4. Tick the appropriate companies under User Companies.

  5. Click Save (Enter) (βœ” button in the toolbar) to apply changes. Note: the user must log out and log back in to see the updates.


{username} could not be linked because all matching users are already associated with different accounts. Please contact your IT Administrator for assistance.

Why did this happen?

This error can occur during User Provisioning when the system finds a matching Indigo user for a specific Microsoft Entra ID username, but that Indigo user is already linked to another user in the security group specified during setup.

How do I fix it?

Resolving this depends on the cause of the issue. If the user is linked erroneously due to an error in your Microsoft Entra ID security group, manage your employees in that group to fix it, such as by removing the linked user. If there’s no error in the security group, manually add a new Indigo user for the unlinked username following these instructions.


Did this answer your question?