• Why doesn’t automatic user provisioning from Entra ID add new users to production groups?

  Usually, the reason lies in Entra ID provisioning settings (group scoping and attribute mappings). Before contacting support, ask your Entra/Azure AD administrator to check at least the following: Verify that the correct users and groups are being provisioned Make sure Enterprise Application–level user assignments are correct: production users/production groups must be assigned to the Granite application in Entra ID, and provisioning is not limited to only test users. Remove accounPopular

• Clicking the password reset link gives an error message “The reset link has expired.” What should I do?

  Try the following: Request a new password reset link using the “Forgot your password?” function on the login page and use the link immediately after receiving it. Also check your spam/junk email folder if needed. Always use the most recent link: if you requestPopular

• What should I do if SAML/IdP authentication fails (e.g., “connection timed out” or ERR_CONNECTION_TIMED_OUT) and I cannot log in?

  If SAML/IdP authentication fails with a connection timeout error (e.g., “ERRCONNECTIONTIMEDOUT”) and you cannot access Granite, the cause may be a temporary server connection issue in Granite’s system. In this case, logging in will not succeed until the issue has been resolved in Granite’s server environment. Do the following: Wait a moment and try logging in again. The issue may be temporary, and login may start working again shortly. If the error persists, contact Granite cPopular

• I receive an error message "No access rights to the system" when logging in. What does this mean?

  Common reasons include: You have completed your first login to Granite, and only then was your user account created on the Granite side. Once the account has been created, your organization’s Granite admin user can grant you access rights. Your access to the tool or training has ended, and there are no active permissions. You are logging into the wronPopular

• Can an individual user disable two-factor authentication (2FA) on their own account?

  An individual user cannot disable two-factor authentication (2FA) on their own account if 2FA is enforced through system role settings (e.g., the default role). Even if your user profile appears to show a "Disable" button or icon for 2FA, it does not override role-based enforcement. When 2FA is tied to a role, the setting comes from the role rather than the user’s personal settings. If 2FA is not enabled through the default role and you want to disable it, do the following: Click yourPopular

• The system says my password is incorrect, but I’m sure it’s correct. What should I do?

  Try the following: Verify your username: Enter it exactly in the correct format (e.g., full email address), entirely in lowercase and without spaces. If you’re unsure of your username, request a password reset—on the reset page you will also see your current username. Check the login method: Make sure you are using the correct https:// login address. If you log in with your orgFew readers

• How can I enable or re-enable two-factor authentication (2FA) in Granite?

  If you can log in to Granite Go to Profile / Account settings by clicking your username in the top-right corner → select “User account.” From the left menu, click “Security.” OFew readers

• The password reset function does not send a reset email to me. What should I do?

  Try the following solutions: Check if your organization uses SSO (external login) If your organization uses SSO, the password reset email is not sent from the Granite system. Change your password through your organization’s own authentication service if needed. Your internal IT support can assist with this. Make sure your user account exists The system will not send a reset email if your account does not exist yet. If you’re not sure, ask your administrator to check your aFew readers

• I don’t remember my password and/or username. What should I do?

  If you’ve forgotten your password or username, do the following: Go to the Granite website (the one starting with https://) that you want to log in to, and select “Have you forgotten your username and/or password?” Enter your email address or username (type the email entirely in lowercase and without any extra characters or spaces) and send the request. Check your email, including your spam, promotions, and other possible junk folders. The message should arrive within about 15Few readers

• The program asks for a six-digit code during login. What is this?

  The six-digit code is related to two-factor authentication (2FA/MFA). It is a changing, one-time code generated by an authenticator app (such as Microsoft Authenticator or Google Authenticator) that improves the security of your account. The code changes approximately every 30 seconds. What to do If 2FA is already enabled: Open your authenticator app, find the Granite account entry, and enter the 6-digit code shown in the app to confirm your login. If you have never enabled 2FA oFew readers

• I don’t have an authenticator app on my phone. What should I do?

  Two-factor authentication (2FA) in Granite can only be enabled using a compatible authenticator app. An authenticator app (such as Microsoft Authenticator or Google Authenticator) generates the changing six-digit code (2FA/MFA) required for logging in. What to do Install an authenticator app on your phone (for example, Microsoft Authenticator, Authy, or Google Authenticator) from your app store. Go to the Granite login page and sign in with your username and password. If 2FA isFew readers

• My authenticator app’s six-digit code is not accepted. What should I do?

  What to do: Make sure you are using the correct account in your authenticator app: Many people have multiple codes (e.g., for Microsoft 365 or other services). Ensure you are using the one specifically linked to Granite. Enter the code correctly and quickly: The code changes approximately every 30 seconds. If it expires befoFew readers

• I can’t log in. What should I do?

  Check the correct login method If your organization uses SSO/external authentication (e.g., Microsoft, Google, Active Directory), you should see your organization’s login window when you go to the Granite login page. In this case, password changes are handled in your organization’s own system, and you will not receive password reset emails directly from Granite. If you have a separate Granite username, log in directly through the service’s login page using your usernameFew readers

• What should I do if my username in Granite still uses an old email domain and I cannot change my password or log in?

  If your email domain has changed, but the email address set for your Granite user account still uses the old domain, the system will not recognize the account correctly. As a result, password resets or login attempts will fail. Do the following: Contact your organization’s Granite administrator (Admin user). Ask them to update your username to match your current email address. Once you receive confirmation from the administrator that your username’s email address has been updated,Few readers

• My phone has changed, and the Granite account has disappeared from my authenticator app. What should I do?

  After changing your phone, the two-factor authentication (2FA/MFA) linked to Granite is often still tied to your old device. What to do: If your old phone or a backup method is available: Transfer your Granite account using the authenticator app’s transfer/backup feature (e.g., Microsoft Authenticator: Transfer accounts) and ensure the Granite entry is moved to the new phone. Alternatively, log in to Granite using your old phone and disable/re-enable 2FA in your account sFew readers