Troubleshooting single sign-on

If users cannot use single sign-on to log in to Vonage Contact Center or ContactPad, perform the relevant tasks for the user's issue.

In this page

User can't see the relevant single sign-on button or buttons on the login page in the VCC Admin Portal or ContactPad

Single sign-on buttons will not appear if single sign-on is not correctly configured for the user's account. Check the user's account's configuration. For information about configuring single sign-on, see Configuring single sign-on.

If you have configured the user's account, check the URL that the user is accessing the VCC Admin Portal or ContactPad on. The syntax for the single sign-on URL is https://***.newvoicemedia.com/CallCentre/?account=AccountName, replacing *** and AccountName with the appropriate values for your account. If the user is using ContactPad in Salesforce, check the CTI Adapter URL field in your call center settings in Salesforce. The field must contain the URL in the required syntax.

User can log in to one or more accounts using single sign-on, but can't switch to other accounts

If a user can log in to one or more of their accounts using single sign-on, but not others, you have probably not configured single sign-on in the other accounts. You must configure single sign-on for the same third-party provider in all accounts that the user wants to access: logging in to one account through Salesforce does not enable the user to log in to another account for which you've only configured single sign-on through Microsoft—the converse applies. In addition, for Salesforce single sign-on, you must link all the user's applicable accounts to the same Salesforce org; for Microsoft single sign-on, link all the user's applicable accounts to the same Microsoft Azure Active Directory domain.

User can see the buttons, but can't log in

If the buttons are available but the user can't log in, the user may see one of the following messages:

No account is linked to your Salesforce organisation. If SalesforceUsername is not the correct user, please log out of Salesforce and try again.

This message appears if you have not linked the Salesforce user's org with a Vonage Contact Center account that has Salesforce single sign-on enabled. The user has most likely logged in to the wrong Salesforce org. Check the org that the user is logged in to.

SalesforceUsername is not in the correct Salesforce org for the account AccountName. Please check SSO URL, log out of Salesforce and try again.

This message appears if you have configured the user's account for single sign-on, but the account does not match the account in the URL that the user is accessing the VCC Admin Portal or ContactPad on. Most likely, the user is using the wrong URL or has logged in to the wrong Salesforce org. Check the URL that the user is accessing VCC Admin Portal or ContactPad on. If the URL is correct, check the org that the user is logged in to.

Only email addresses verified by Salesforce can be used. If SalesforceUsername is not the correct user, please log out of Salesforce and try again.

This message appears when the user has not verified their email address in Salesforce. In most situations, the error is due to a Salesforce issue. To fix this issue, change your single sign-on configuration. Select a value in the Salesforce Identifier field in System Settings other than Email. For information about configuring identifiers for single sign-on, see Configuring single sign-on. In some situations, the user can verify their email address in Salesforce.

No Email provided for user MicrosoftUsername from Microsoft.

This message appears if the Microsoft Azure Active Directory does not store an email address for the user—the user's username is generally the same as the user's email address. To fix this issue, change your single sign-on configuration. Select Username in the Microsoft identifier field in System Settings instead of Email. For information about configuring identifiers for single sign-on, see Configuring single sign-on.

No user found with the Username/Email/External ID UsernameEmailOrExternalID. If this is not the correct user, please log out of Salesforce/Microsoft and try again.

This message appears when the account doesn't contain a Vonage Contact Center user matching the external user. Check the following possible causes:

  • The Vonage Contact Center user doesn't exist. Create a Vonage Contact Center user and link it to the external users.
  • The Vonage Contact Center user does exist but its username, email, or external ID does not match the identifier for the external user. Check the identifier values for the users.  For information about configuring identifiers for single sign-on, see Configuring single sign-on.
  • The single sign-on configuration contains the wrong identifiers for matching the users. Check the single sign-on configuration. For information about configuring identifiers for single sign-on, see Configuring single sign-on.

Multiple users found with the Email/External ID EmailOrExternalID. If this is not the correct user, please log out of Salesforce/Microsoft and try again.

This message appears when more than one Vonage Contact Center user matches the external user. For single sign-on to work correctly, ensure that each user has a unique email or external ID, as applicable.

User gets a 500 Internal Server Error or the following message appears: "There was an error logging into the external provider. The error message is: access_denied."

This message can appear for the following reasons:

  • Vonage Contact Center is restricted from accessing your Salesforce org
    To verify that Vonage Contact Center is retricted from accessing your Salesforce org, go to Login History in Setup in Salesforce. Look for entries in the login history with the following details:

    ColumnValue
    StatusRestricted IP
    ApplicationVonage Contact Center

    Restricted IPs

    If such entries appear, change the IP restrictions for the Vonage Contact Center connected app. Go to Connected Apps (in Salesforce Classic) or Manage Connected Apps (in Salesforce Lightning Experience) in Setup. In the list of connected apps, click Edit alongside Vonage Contact Center. In the IP Relaxation list in OAuth policies, click Relax IP restrictions.
    Relax IP

  • The user's single sign-on cookie is invalid or has gone missing
    User needs to restart their browser and click the relevant single sign-on button.

User is experiencing a different problem or single sign-on is still not working after trying above fixes

Contact Vonage Contact Center support for help.