Skip to main content

Troubleshooting Azure AD SSO Account Not Set Up Error

Bryan Byrne
  • Updated

Ensure users can successfully access Workvivo using Azure Single Sign-On (SSO) by confirming they are correctly assigned to the Workvivo Enterprise Application in Azure.

Error Message

If a user sees the message:

“Your account has not been set up yet. Please contact your IT administrator”

when attempting to sign in, this typically indicates an access or configuration issue on the Azure side, rather than an issue with Workvivo itself.

Using Azure SSO with Workvivo

Where the issue occurs

This error is generated during the Azure authentication flow, before the login request reaches Workvivo.

Because the request does not successfully complete in Azure, Workvivo is unable to authenticate the user.

Common cause

In most cases, the affected user is:

  • Not assigned to the Workvivo Enterprise Application in Azure, or

  • Not a member of a group that has been assigned access to the application

How to resolve the issue

The customer’s Azure IT Administrator should complete the following steps:

  1. Sign in to the Azure Portal

  2. Navigate to Enterprise Applications

  3. Open the Workvivo application

  4. Select Users and groups

  5. Confirm that:

    • The user is directly assigned, or

    • The user belongs to a group that has been assigned access

    • Any recent group membership changes have fully synced in Azure

Once the user has been assigned access, they should be able to log in successfully.

Additional Checks (Attributes & Claims)

It is also important to verify that the Unique User Identifier (Name ID) is correctly configured in Azure.

In most configurations, this is set to:

  • user.userprincipalname (UPN)

However, Workvivo typically authenticates users using their email address.

If the UPN and email (user.mail) do not match, this can result in the same error: 

“Your account has not been set up yet. Please contact your IT administrator”

What to check:

  • The Unique User Identifier (Name ID) is set correctly in Azure

  • The value being sent (e.g. UPN) matches the user’s email in Workvivo

  • Alternatively, configure the Name ID to use user.mail if appropriate

Additional Information

  • This error message is generated by Azure, not Workvivo

  • Workvivo does not control Azure user or group assignments

  • Workvivo Support cannot grant Azure application access on a customer’s behalf

  • Azure changes may take a short time to apply

  • Testing the login in a private or incognito browser window can help avoid cached session issues

Still Having Issues?

If the Azure configuration above has been confirmed as correct and the user is still unable to log in, please contact Workvivo Support for further assistance and investigation.

Related articles