Problem
Users attempting to sign in to login.amperity.com via Single Sign-On (SSO) may see the following error after authentication:
https://login.amperity.com/callback#error=unauthorized&error_description=Access%20denied
This means the user was successfully authenticated by the identity provider (e.g., Okta, Azure AD), but Amperity has denied access. The most common reason is that the user is not part of an SSO group mapped to Amperity.
Solution
-
Confirm Group Access
Check with your internal Identity Provider (IdP) administrator whether the user is a member of a group that is mapped to Amperity.
Only users in mapped groups can access the tenant via SSO.
-
Update Group Membership
If the user isn’t in a mapped group, the IdP administrator should add them to the appropriate group.
-
Retry Login
After the group membership is updated, have the user try logging in again via login.amperity.com.
The “Access Denied” error should no longer appear.
-
If the Issue Persists
Ensure the user’s email in the IdP matches the email in Amperity.
Confirm that SSO settings in Amperity are correctly configured.
-
If still unresolved, escalate to Amperity Support with:
Screenshot of the error
User email address
Tenant name
💡 Tip
Always make sure users are in the correct SSO group before they attempt to log in via SSO.