This document is here to help you if your login to Nearmap via Delegated Authentication has failed.

At this point our Delegated Authentication product can support integration with AD FS, Azure AD and Okta. Other types may be possible on request.

If you are interested in the Delegated Authentication product, please contact your Nearmap account manager to find out if you are eligible.

There are certain errors that can occur when you log in via an external ID provider. Some of the errors can be first directed to your IT department, while others require Nearmap's support.

These are the errors you may encounter:

If you encounter any other error that is not on this list, please contact the IT department in your organisation, and provide them with the error message on your screen.

Login failed: Unable to obtain required user claims from External Identity Provider

When does this error occur?

This error occurs when you try to log in and your external provider software is not configured to send the required claims to Nearmap. 

As part of the configuration process, the external provider should create a Claim Issuance Transform Rule from the "Send LDAP Attributes as Claims" template, using the Active Directory attribute store, with these LDAP attribute mappings:

  • E-Mail-Addresses to claim E-Mail Address
  • User-Principal-Name to claim Name ID
  • Given-Name to claim Given Name
  • Surname to claim Surname
  • Telephone-Number to custom claim urn:nearmap:claims/phone
  • Title to custom claim urn:nearmap:claims/title

The other properties should be left at their defaults.

This error affects the whole account.

What should you do?

If you see this error, please contact your internal IT department for assistance.
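
For IT staff diagnosing the claims error above, this added example (not Nearmap's code) lists which of the mapped claims are missing or empty in a decoded token. It assumes the token is a SAML 2.0 assertion, that the built-in claims use the standard AD FS claim type URIs, and that AD FS places the Name ID claim in the Subject; the sample assertion is constructed.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
WS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"

# Claim label from the mapping list -> attribute Name expected in the assertion.
# Assumption: the built-in claims keep the standard AD FS claim type URIs.
EXPECTED = {
    "E-Mail Address": WS + "emailaddress",
    "Given Name": WS + "givenname",
    "Surname": WS + "surname",
    "urn:nearmap:claims/phone": "urn:nearmap:claims/phone",
    "urn:nearmap:claims/title": "urn:nearmap:claims/title",
}

# Constructed sample: Surname and the title claim were never issued.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Subject><saml:NameID>jane@example.com</saml:NameID></saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
      <saml:AttributeValue>jane@example.com</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname">
      <saml:AttributeValue>Jane</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="urn:nearmap:claims/phone">
      <saml:AttributeValue>+61 400 000 000</saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

def missing_claims(assertion_xml):
    """Return mapped claims that are absent or empty. Diagnostic only: no signature check."""
    root = ET.fromstring(assertion_xml)
    missing = []
    # The Name ID claim is carried as the Subject's NameID, not as an Attribute.
    name_id = root.find(".//saml:Subject/saml:NameID", NS)
    if name_id is None or not (name_id.text or "").strip():
        missing.append("Name ID")
    present = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [(v.text or "").strip() for v in attr.findall("saml:AttributeValue", NS)]
        present[attr.get("Name")] = any(values)
    for label, name in EXPECTED.items():
        if not present.get(name, False):
            missing.append(label)
    return missing

if __name__ == "__main__":
    print(missing_claims(SAMPLE))
```

AD FS issues no claim when the LDAP attribute is empty for a user, so a missing claim can point to the directory entry as well as to the rule.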


Login failed: $username is not a registered Nearmap user

When does this error occur?

This error occurs when you try to log in for the first time, and Nearmap attempts to do automatic provisioning for you while this option has not been set up by the external provider.

Automatic provisioning, also called Just-in-Time Provisioning, is an optional feature that allows new users to be automatically set up on first login, without having to get an invitation from Nearmap. If your provider has not set up this option, you will get an error.

What should you do?

If you see this error, please contact your organisation's Nearmap account administrator to be invited to sign up.



Login failed: External Provider for the login request was not found

When does this error occur?

This error occurs when you try to log in and there is a mismatch between Nearmap's configuration and database values.

This error affects the whole account.

What should you do?

If you see this error, please contact Nearmap support.



Login failed: user xxx@xxx.com is not enabled

When does this error occur?

This error occurs when the user successfully authenticated with their directory, but is marked as a disabled user in the customer portal.

What should you do?

If you see this error, please contact your internal support team/administrator, and ask them to grant you access within Nearmap's customer portal.



An error occurred - You are not authorized to access this site

When does this error occur?

This error occurs when the user who is trying to log in is not in an authorised security group in their company's directory.

What should you do?

If you see this error, please contact your internal IT department for assistance.


Sorry, but we're having trouble signing you in

Error wording:

Sign in

Sorry, but we're having trouble signing you in.

The signed in user ..... is not assigned a role for the application .....

When does this error occur?

This error occurs when the user who is trying to log in is not in an authorised security group in their company's directory.

What should you do?

If you see this error, please contact your internal IT department for assistance.



Invalid username/password combination

When does this error occur?

This error occurs in three different circumstances:

  1. There are spaces in your username.
  2. Your email is not set to be managed by delegated authorisation; perhaps your email's domain name is not your normal company domain name.
  3. You are not using delegated authorisation and you've entered an incorrect password.

What should you do?

  1. Check the username you entered and ensure there are no spaces.
  2. Contact your internal IT department for assistance.
  3. Check that you've entered the correct password. If the error persists, reset the password.