Troubleshooting Users and Sign-in
This guide collects common symptoms users and administrators see around sign-in, account state, and the IAM pages, and points you to the place to verify and resolve each one.
Symptom: User cannot sign in even with a correct password
Likely cause: The user account is inactive, or the email address does not match an existing site user.
Where to verify: Admin Center > Site Settings > IAM > Users. Find the row by Email. Check the Active column.
Resolution: 1. Open the user record. 2. Set Active to on. 3. Save and ask the user to retry.
If the email does not appear, invite the user. See How to Manage Users.
Symptom: "Sign in with Microsoft" or "Sign in with Google" button is not on the login page
Likely cause: The provider is not allowed on the instance, or the provider is not enabled for the site.
Where to verify: Admin Center > Site Settings > IAM > SSO providers.
Resolution: - Enable the provider for the site. See How to Set Up Microsoft SSO or How to Set Up Google SSO. - If the provider row is missing, ask a Global Administrator to allow it in Admin Center > App management > IAM > SSO providers.
Symptom: SSO sign-in fails with a provider-side error
Likely cause: The provider is not allowed on the instance, the provider is not enabled for the site, or the account email does not match an Active user record.
Where to verify: Admin Center > Site Settings > Logs > Security log for the failed sign-in event; Admin Center > Site Settings > IAM > SSO providers for the site toggle; Admin Center > App management > IAM > SSO providers for the instance allow list.
Resolution: 1. Confirm the provider is allowed at the instance level. 2. Confirm the provider is enabled for the site. 3. Confirm the user's email matches an Active user record on the site.
Symptom: Account locked after repeated failed sign-ins
Likely cause: Lock-out behaviour on repeated failed attempts.
Where to verify: Admin Center > Site Settings > Logs > Security log for repeated failed-login events for the affected email.
Resolution: An Administrator reactivates the account via Admin Center > Site Settings > IAM > Users. Toggle Active off and on, or ask the user to use Forgot password? on the sign-in page.
Symptom: User is missing administrator menus
Likely cause: The user has the User role rather than Administrator.
Where to verify: Open Admin Center > Site Settings > IAM > Users and check the user's Role.
Resolution: Change the user's role to Administrator if they need access to site administration menus. See How to Manage Users.
Symptom: Direct URL to IAM > Users returns "Not Found"
Likely cause: The IAM Users page does not always resolve when navigated to directly by URL.
Where to verify: Sidebar navigation works reliably.
Resolution: Open the page from the left sidebar (Admin Center > Site Settings > IAM > Users) instead of typing or pasting the URL. If the URL navigation persists in failing, contact support.
Symptom: Session expires during long activity and forces re-sign-in
Likely cause: Sign-in session reached its expiration window.
Where to verify: Browser was redirected to the sign-in page after the expiration.
Resolution: Sign in again. Session timing is set at the instance level.
Symptom: Cannot invite a new user — + New user action does not save
Likely cause: The Max Users quota for the site is reached, or the email address is already taken on this site.
Where to verify: Admin Center > Site Settings > Limits and usage for the Max Users counter; Admin Center > Site Settings > IAM > Users for the existing email address.
Resolution: - If the quota is reached: ask the Global Administrator to raise the per-site cap, or deactivate users no longer in use to free a slot. - If the email already exists: edit the existing record instead of creating a new one.
Symptom: App registration banner reads "API client alert" on every page
Likely cause: An App registration has expired or is within 30 days of expiry.
Where to verify: Admin Center > Site Settings > IAM > App registrations. Look at the Expires column for Expired or In N days.
Resolution: Renew the App registration before its expiration date, or disable it if it is no longer used. See Authentication Reference for the App registration fields.