Please also refer to our SSO Information guide for a detailed explanation of what SSO is.
I am not able to log in through SSO
Please verify with your administrator that your LawVu account exists. Ensure you are using the correct email for login. Depending on the user creation method chosen by your IT department, account creation may take some time. Therefore, it's crucial to check with your LawVu admin and confirm that your account has been successfully created.
If your account is present in LawVu, please ask your LawVu admin to verify that it is in an active state and not disabled.
I am not able to log in through SSO even though my account exists in LawVu.
Domain whitelisting
Please ensure you have provided all login domains for whitelisting. If a domain is not whitelisted in our system, then login for this account with the unlisted domain will fail. Please contact our support team to whitelist domains.
User access granted
Furthermore, please ensure the user's account has been authorised to access the LawVu application via your Single Sign-On (SSO) solution. Where Just-In-Time (JIT) provisioning is employed, also consider the case in which the user's account in LawVu remains active even though the user has not been granted access through SSO.
Certificate expired
It's possible that your certificate has expired. Typically, signing certificates have a lifespan of 3 years and must be renewed before expiration. If you're experiencing login issues potentially caused by an expired certificate, the first step is to check with your IT department, as they manage certificates and can verify the expiration. Once confirmed, provide the new certificate to our support team for updating.
When communicating about certificates or sensitive information, ensure it's done from a secure email address that verifies your domain. For security reasons, our support team will not be able to process any updates that do not come from a registered email in the LawVu system.
Some users are not able to log in even though others can.
The user account might not exist yet in LawVu when the user tries to log in. Please check your directory to see if an account exists with the correct username/email.
Some users are not able to log in, and the UPN does not match the user's primary email address.
If your organisation employs Azure Active Directory (Azure AD) for user authentication via Single Sign-On (SSO), there may be a mismatch between the users' User Principal Name (UPN) and primary email address. Refer to the guidance below, extracted from our Azure AD guide, for steps to address and mitigate such issues.
Please note: If you have a requirement to use the primary email address instead of the pre-configured UPN as the login then please follow this article.
Under Single-Sign-On and Attributes and Claims, please remove the "user.mail" claim.
I want to reset my password
If your organization has Single Sign-On (SSO) in place, all password resets must be managed through your identity provider (e.g., O365, Okta, Google, etc.) and not through the LawVu platform.
Here's what you need to do:
SSO Handling:
With SSO enabled, password reset processes are handled within your identity provider's system. This means that the LawVu platform does not manage any password resets when SSO is in use.
Talk to your IT:
If you need to reset your password, contact your IT department or refer to your organization's password reset policies.
Note:
It's important to follow your organization's security policies and procedures when resetting passwords or managing your account credentials.
I am not able to invite a user into LawVu
With Single Sign-On (SSO) enabled, user invites are disabled within the LawVu platform. To add more users, please follow these steps:
Contact Your IT Department:
Reach out to your IT department or system administrator to add new users to the LawVu platform.
User Management through Your Identity Provider:
User management, including adding new users, is now controlled through your identity provider (e.g., O365, Okta, Google, etc.) and not through LawVu.
The LawVu support team does not have access to your identity platform and is unfortunately unable to help. For further assistance, please contact your IT support team.
User cannot be created or updated through SCIM provisioning:
Please ensure that all of the attributes below are part of the SCIM (POST or PATCH) request being sent.
All user accounts require the below four attributes:
First name
Last name
Username (email format)
UniqueID (externalID)
User cannot be re-activated in LawVu
If a user account was previously created but then deactivated (due to parental leave, business unit change, long vacation, etc.) and now needs to be reactivated, please ensure you are re-enabling the existing account and not creating a new one in your identity provider platform. If a new account is created, the uniqueID will have changed, and this cannot be updated in LawVu as it will not find a matching user, causing the provisioning to fail. Please contact our support team for assistance.
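The two SCIM checks above (all four required attributes present, and an unchanged unique ID when an account is re-enabled) can be run against a request before it is sent. This is an added example, not LawVu or identity-provider code; it assumes the four fields map to the standard SCIM attributes userName, externalId, name.givenName and name.familyName, and the function names and sample requests are made up for illustration.

```python
import re

# Standard SCIM core User attribute names (RFC 7643). Mapping them to the four
# required fields listed above is an assumption of this example.
REQUIRED = ("userName", "externalId", "name.givenName", "name.familyName")
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")

def flatten(obj, prefix=""):
    """Flatten nested dicts to dotted paths, e.g. name.givenName."""
    out = {}
    for key, value in obj.items():
        if isinstance(value, dict):
            out.update(flatten(value, f"{prefix}{key}."))
        else:
            out[f"{prefix}{key}"] = value
    return out

def scim_attributes(body):
    """Attributes carried by a SCIM POST body or a PATCH (PatchOp) body."""
    if "Operations" not in body:
        return flatten(body)  # POST: the body is the user resource itself
    attrs = {}
    for op in body["Operations"]:
        value = op.get("value")
        if op.get("op", "").lower() not in ("add", "replace"):
            continue
        if isinstance(value, dict):  # partial resource, with or without a path
            attrs.update(flatten(value, op["path"] + "." if "path" in op else ""))
        elif "path" in op:           # scalar written to one path
            attrs[op["path"]] = value
    return attrs

def preflight(body, stored_external_id=None):
    """Return the problems described above for one provisioning request."""
    attrs = scim_attributes(body)
    problems = [f"missing {name}" for name in REQUIRED if not attrs.get(name)]
    if attrs.get("userName") and not EMAIL_RE.match(attrs["userName"]):
        problems.append("userName is not in email format")
    if stored_external_id and attrs.get("externalId") not in (None, stored_external_id):
        problems.append("externalId differs from the stored value")
    return problems

# Constructed sample requests (not captured from a real tenant).
POST_OK = {"userName": "ana.lee@example.com", "externalId": "idp-0001",
           "name": {"givenName": "Ana", "familyName": "Lee"}}
PATCH_PARTIAL = {"Operations": [
    {"op": "Replace", "path": "name.givenName", "value": "Anna"},
    {"op": "replace", "value": {"userName": "ana.lee"}}]}
```

Pass the unique ID recorded when the account was first provisioned as stored_external_id to catch a re-created account before the provisioning run fails.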
User cannot be created or log in through JIT provisioning:
Please ensure the user account has a unique ID set in your identity platform and that the mandatory SAML claims below are all configured. The JIT process must be able to identify the user account uniquely, so the uniqueID has to be part of the SAML request; this allows our endpoint to accept any changes to email or name.
The NameID format must be set to email or emailaddress and is a mandatory claim in the SAML response.
idP Attribute on provider site | SAML response attribute |
FirstName | |
LastName | |
(unique identifier), this should be an attribute that is unique and immutable. objectID (Azure) or user.id (OKTA) | |
username (NameID) |
Please note that if the email is chosen as the unique identifier, there will be issues updating a user's account if that email changes in the future.
The creation or update of a user fails through SCIM or JIT.
If your organisation removes a user account from your identity provider and then creates a new account for that user, the unique ID will change. The SCIM protocol stores this unique ID in our database, and a change is not permitted. In this case, you'll need to contact our support to manually remove this unique ID from our system to allow a full update on this user's account. You might encounter entries in your SCIM log that refer to "external ID change not allowed" or similar messages.
Additional provider configuration to check
There might be some additional configuration switches that must be set correctly at your provider site, so our endpoint accepts the SAML response.
Signed SAML response | NO |
Signed Assertion | YES |
Encrypt Assertion | NO |
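A decoded SAML response captured from a test login can be checked against the JIT claim requirements and the three settings above. This is an added example, not LawVu code; the claim names (CLAIM_FIRST_NAME and so on) are placeholders, because the SAML response attribute names are not given on this page, and the sample response is constructed.

```python
import xml.etree.ElementTree as ET

NS = {"a": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
EMAIL_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"

def check_saml_response(xml_text, required_claims):
    """Structural check of a decoded SAML response. It does NOT verify the
    signature; it only reports where the response departs from this article."""
    root = ET.fromstring(xml_text)
    findings = []
    if root.find("ds:Signature", NS) is not None:
        findings.append("response is signed (listed setting: NO)")
    if root.find("a:EncryptedAssertion", NS) is not None:
        findings.append("assertion is encrypted (listed setting: NO)")
    assertion = root.find("a:Assertion", NS)
    if assertion is None:
        return findings + ["no plaintext assertion found"]
    if assertion.find("ds:Signature", NS) is None:
        findings.append("assertion is not signed (listed setting: YES)")
    name_id = assertion.find("a:Subject/a:NameID", NS)
    if name_id is None or not (name_id.text or "").strip():
        findings.append("NameID is missing")
    elif name_id.get("Format") != EMAIL_FORMAT:
        findings.append("NameID Format is not emailAddress")
    present = {attr.get("Name")
               for attr in assertion.iterfind("a:AttributeStatement/a:Attribute", NS)
               if (attr.findtext("a:AttributeValue", "", NS) or "").strip()}
    findings += [f"claim {name} missing or empty"
                 for name in required_claims if name not in present]
    return findings

# Constructed sample: the Signature element is an empty stub and the claim
# names are placeholders; use the names from your provider configuration.
CLAIMS = ["CLAIM_FIRST_NAME", "CLAIM_LAST_NAME", "CLAIM_UNIQUE_ID"]
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
 xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><saml:Assertion><ds:Signature/>
<saml:Subject><saml:NameID
 Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
 >ana.lee@example.com</saml:NameID></saml:Subject><saml:AttributeStatement>
<saml:Attribute Name="CLAIM_FIRST_NAME"><saml:AttributeValue>Ana</saml:AttributeValue></saml:Attribute>
<saml:Attribute Name="CLAIM_UNIQUE_ID"><saml:AttributeValue>idp-0001</saml:AttributeValue></saml:Attribute>
</saml:AttributeStatement></saml:Assertion></samlp:Response>"""
```

An empty list means the response has the expected shape; whether the signature validates against the current certificate still has to be confirmed separately.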
Guide Library to help you understand the configuration
Reporting a problem
Before you report a problem, please check the provided guides and help articles. If the issue continues, please reach out to our support team.