This article covers the most common login and access issues encountered after migrating to Ideagen Hub. Each issue includes the root cause and step-by-step resolution instructions.

The content is intended for all users, with steps that require Administrator access clearly indicated.

1. User wasn't migrated and can't sign in

1.1. Missing email address

Users with no email address in Ideagen Quality Management are skipped during migration entirely. They will not appear in Hub post-migration.

To resolve this issue:

1. Check whether the user exists in Hub.
   If they do not appear, proceed to the next step.
2. Check whether the user record has a missing email address in Ideagen Quality Management
3. A Tenant Administrator must then manually create the user in Hub using the exact same Ideagen Quality Management username.
   This will then sync the user to Ideagen Quality Management within a few minutes.

1.2. Invalid username format

The Ideagen Quality Management username format was invalid and could not be processed during migration. The user will not appear in Hub post-migration.

To resolve this issue:

1. Check whether the user exists in Hub.
   If they do not appear, check whether their Ideagen Quality Management record has an email address. If the email address is missing, follow the steps in Issue 1.1. first.
2. If an email address is present, check the Ideagen Quality Management username for formatting errors (spaces, special characters, or unsupported formats).
   If there are errors, a Tenant Administrator must correct the username directly in Ideagen Quality Management.
3. Once corrected, a Tenant Administrator must then manually create the user in Hub using the exact same Ideagen Quality Management username.
   This will then sync the user to Ideagen Quality Management within a few minutes.

This is a two-step fix. The username must be corrected in Ideagen Quality Management before the user can be created in Hub.

2. Username has changed

2.1. User doesn't know what to enter

If Single Sign-On (SSO) is enabled, the username is updated to match the User Principal Name (UPN). If the customer uses the Ideagen Please Review integration, the username is updated to match the email address. In both cases, the previous username no longer works. 

To resolve this issue:

1. Check the welcome email received after Hub migration.
   A new username is included in that email.
2. If you can't find your welcome email, contact a Tenant Administrator to find your username.

3. User is redirected to the old sign in page

Users who bookmarked the old Ideagen Quality Management sign in URL before migration will be taken to the legacy sign in page when they click that bookmark. The legacy login page does not work after migration. 

To resolve this issue:

1. Delete the old bookmark or saved link immediately.
   Old URLs contain stale session data and are the most common cause of login errors after migration.
2. Navigate to the new Ideagen Hub sign in URL provided in the welcome email.
3. Save the new URL as a bookmark going forward.

4. Users cannot access the application

4.1. SSO Redirect URL not updated

The new Redirect URL required by Hub has not been added to the customer's SSO identity provider. This prevents Hub from completing the authentication flow. 

To resolve this issue:

1. Obtain the new Redirect URL.
   This will be available in the email sent to you about Hub migration. Open a ticket with us if you cannot find the email.
2. Your IT team must add this URL to the Ideagen app registration in your identity provider (e.g. Microsoft Entra ID) under the Web platform.
3. Once the Redirect URL has been saved, users should be able to log in via SSO.
   You can find information on how to update this in our guide to updating Single Sign-On (SSO) configuration.

The Redirect URL must be added under the Web platform, not Single-Page Application (SPA). See the SSO Redirect URL help article for details.

5. Windows client sign in failure

5.1. Conditional Access policy block (Entra ID/MCAS)

After migrating to Hub, the authentication flow now routes through AWS Cognito federating into Entra ID. The previous implementation used the Windows Account Manager as a native Microsoft broker, which passed the Device ID automatically. With this no longer in place, Entra ID does not receive the Device ID, causing Microsoft Conditional Access (MCAS) policies to trigger and block the login request. The web application is not affected - only the desktop app. 

This is a known issue that will be resolved in a future product release.

In the meantime, your IT team can apply a Conditional Access policy exclusion for the Ideagen Quality Management App Client ID in MCAS.

To apply the exclusion:

1. Open the Microsoft Entra portal.
2. Go to the Admin Centre.
3. Select Identity.
4. Select Protection.
5. Click Conditional Access.
6. Open the blocking policy.
7. Select Target resources.
8. Click Exclude.
9. Search for and select the Ideagen Quality Management app registration.
10. Click Save.

Before enforcing the change, use Report-only mode to verify in sign-in logs that the exclusion produces the expected outcome.

6. Cannot add/edit users in Ideagen Quality Management

After migration to Hub, all user management happens in Ideagen Hub. This is an expected behaviour.

You'll create users in Hub, and they will sync automatically to Ideagen Quality Management. Users cannot be created or edited directly in Ideagen Quality Management, but permissions and group assignments can still be managed there as before.

7. Reset password link showing an unrecognised phone number/email address

User is either an external user (SSO enabled) or the user does not exist in Ideagen Hub. 

To resolve this issue:

1. Check whether the user exists in Hub.
   If they are an SSO user, ensure they are set as an External user and the username matches the correct UPN from your SSO provider.
   If they are an internal user, make sure they enter the username exactly as mentioned in the welcome email. 
2. If a welcome email is not received, reach out to a Tenant Admin to look for the username in the Ideagen Hub Admin Console. 

Still having trouble?

If your issue is not listed above or the steps above did not resolve it, please open a ticket with a reference of your Hub migration date.

Looking for additional information?

If you're an IT Administrator, we've included additional information for you in our guide to preparing for the Ideagen Hub integration.