HowlOps
FeaturesHow it worksPricingIntegrationsDocsChangelogContact
Log inStart free
DOCS

Login issues

Diagnose and resolve problems signing in, including MFA, password reset, and SSO errors.

Cannot sign in — password rejected

  1. Verify you are using the correct email address. Accounts are case-insensitive on email but workspace slugs are case-sensitive.
  2. Check Caps Lock.
  3. Try Forgot password on the login page. A reset link is emailed to you within a few seconds.
  4. If the reset email does not arrive within 5 minutes, check your spam folder. Add the sending domain to your allowlist if necessary.

TOTP code is rejected

TOTP codes are time-based. If your code is rejected:

  1. Verify your device clock is accurate. Even a 30-second drift can invalidate a code.
  2. On iOS: Settings > General > Date & Time > enable Set Automatically.
  3. On Android: Settings > General Management > Date and time > enable Automatic date and time.
  4. If clock sync does not help, use a backup code (one-time use). Go to the login page and click Use a backup code below the TOTP field.
  5. If you have exhausted your backup codes and cannot access your authenticator, contact your workspace Admin to reset your MFA.

Lost access to authenticator app

If you have backup codes: use one on the login page (Use a backup code).

If you do not have backup codes:

  • Ask your workspace Admin to go to Settings > Team > find your account > Reset MFA. This removes MFA from your account, allowing you to set it up again.

MFA is required but I never enabled it

Your workspace admin may have enabled mandatory MFA. You will be prompted to enroll on your next login. Follow the Enable MFA guide to set up your authenticator.

SSO login fails

Symptoms: redirected back to the login page after SSO authentication, or an error from your identity provider.

  1. Confirm SSO is configured correctly in Settings > Security > Single sign-on.
  2. Verify the SAML metadata URL or certificate has not expired at your IdP.
  3. Check that the NameID format matches what HOWLOPS expects (email format).
  4. Look at the detailed error:
    • SAML response invalid signature — certificate mismatch or clock skew between IdP and HOWLOPS (should be within 5 minutes).
    • NameID not found — your IdP is not sending the email attribute. Check the attribute mapping at your IdP.
    • JIT provisioning failed — the email domain is not in the allowed domain list for your SSO config. Update Settings > Security > SSO > Allowed domains.

See SAML debugging guide for advanced diagnostics.

OAuth login fails (Google / GitHub / Microsoft / Apple)

  1. Check that the OAuth provider is enabled: Settings > Security > Social login providers.
  2. If you see "access denied" from the provider, you may have previously revoked HOWLOPS's access in your provider's app settings. Revoke and re-authorize from the provider's security settings, then try again.
  3. Pop-up blockers can interfere with the OAuth flow. Temporarily disable them or open the login page in a private window.

Account locked after too many attempts

Auth endpoints are rate-limited at 10 requests per minute per IP. If you exceed this limit, wait 60 seconds before trying again. If the problem persists, contact support with your X-Request-Id header value.

Email verification required

Some actions require a verified email. Check your inbox for a verification email from HOWLOPS and click the link. If you did not receive it, go to Settings > Account > Resend verification email.

See also

Was this page helpful?