Single Sign-On (SSO) Is Not Working

If you're having trouble signing in with your organization's Single Sign-On, find the error message you're seeing below for troubleshooting steps.

"Single sign-on is not configured for your Govenda account"

What this means: Govenda can't find or connect to your organization's SSO configuration.

If you are a board member or standard user: Contact your administrator and let them know you're seeing this error. They'll need to check the SSO configuration on Govenda's side and with your identity provider.

If you are an administrator, check the following:

• SSO not enabled: Open your Govenda company settings and verify that SSO is turned on.
• ACS URL mismatch: The Assertion Consumer Service (ACS) URL configured in your identity provider must exactly match what Govenda expects. Contact Govenda Support at to get the correct ACS URL for your environment.
• SAML metadata or signing certificate expired: Check whether your identity provider's signing certificate has expired. If so, renew it and update the SAML metadata.
• Wrong application selected: If your identity provider has multiple applications configured, users may be clicking an SSO link that points to the wrong Govenda environment.
• ADFS server unreachable: If you use ADFS, verify the server is running and accessible. Test by opening https://[your-adfs-server]/FederationMetadata/2007-06/FederationMetadata.xml in a browser — it should display XML. If it doesn't load, check that HTTPS (port 443) is not blocked by a firewall and that DNS resolves correctly.

"We could not find a valid Govenda account for you"

What this means: Your identity provider authenticated the user successfully, but Govenda can't match the authenticated identity to an existing Govenda user account.

If you are a board member or standard user: Contact your administrator. They may need to create your account in Govenda or fix your email address.

If you are an administrator, check the following:

• User doesn't have a Govenda account: The user needs to be created in Govenda before they can sign in via SSO. Create their account in the Users management page.
• Email address mismatch: The email address or NameID sent by the identity provider must exactly match the email address in the user's Govenda profile. Check for typos, different domains (e.g., @company.com vs @company.org), or extra whitespace.
• Wrong SAML attribute being sent: Your identity provider may be sending a UPN (User Principal Name), employee ID, or another attribute instead of the email address as the NameID. Configure it to send the user's primary email address.
• User assigned to wrong application: In Azure AD or Okta environments with multiple Govenda applications, verify the user is assigned to the correct Govenda application.
• User account is inactive or deleted: Check that the user's account in Govenda is active and not deleted.

SSO was working but suddenly stopped

If SSO was functioning normally and has suddenly stopped for all or some users, check the following with your IT team:

• Signing certificate renewal: Identity providers periodically renew their signing certificates. If the certificate was renewed, Govenda may need the updated metadata.
• Conditional access policy changes: Azure AD conditional access policies or similar rules in other providers can block third-party applications.
• ADFS server issues: The ADFS server may have gone offline, or network changes may be blocking connectivity.
• Application configuration changes: Someone may have modified the enterprise application settings in your identity provider.

If you need help diagnosing the issue, contact Govenda Support at support@govenda.com.

My company uses SSO but I need to sign in with a password

If all of your companies in Govenda have SSO enabled, your account is set to "SSO-only" mode. In this mode, password sign-in is not available — even if you reset your Govenda password.

To request password access, contact your administrator. They may be able to adjust your access settings depending on your organization's security policies.