Troubleshooting sign in for Microsoft Exchange (On-Premise)
If you're having issues signing into Affinity via your Exchange (On-Premise) account, here are some common troubleshooting tips that might help.
Troubleshooting
- I suddenly got signed out of Affinity and can't sign back in.
- I'm trying to sign in for the first time using the correct email address and password, but I still can't sign in.
- We recently changed email servers and now I can't see any of my email interactions in Affinity.
- My company uses single sign-on (SSO), and it's not working.
- My company uses 2-Factor Authentication (2FA/MFA), and it's not working.
I suddenly got signed out of Affinity and can't sign back in.
Since Affinity uses your email credentials to sign in, any changes made to your password or email server will cause Affinity to sign you out and disable email syncing. To sign in and reenable syncing, simply sign back in using your updated credentials on your custom Affinity URL (which is typically formatted as follows):
https://subdomain.affinity.co
- If you are still unable to sign into Affinity, check to see if your password is still valid. You can confirm by simply signing out of your Microsoft Exchange account, then signing back in by manually typing in the password or using an incognito browser.
- If you cannot remember your password, simply reset it through Microsoft Exchange, then try again.
- If you are still having problems signing in, please contact support: support@affinity.co.
I'm trying to sign in for the first time using the correct email address and password, but I still can't sign in.
- Check if you have an Exchange username that you aren't aware of. If you are not sure, please confirm with your IT team. If you do not have an Exchange username, simply leave it blank.
- Make sure you're using the correct email address. You may have a completely separate email address for internal use. If you are unsure, please double-check with your IT team for more details.
- Lastly, if you are hosting your own Exchange servers, the EWS URL will be different than the default EWS URL: https://outlook.office365.com/ews/exchange.asmx
- You may need to contact your IT team to figure out what the correct EWS URL is, or follow the instructions in this article to find it on your own.
We recently changed email servers and now I can't see any of my email interactions in Affinity.
- Occasionally, your organization will host its own Exchange server. In this case, your EWS URL will be a custom URL (example below): mail.example-affinity.co/ews/exchange/asmx
- You can also find/edit your current organization's EWS URL by going to your custom organization URL, then clicking to sign in with Exchange.
- Please check with your IT for the correct EWS URL, and contact support@affinity.co for additional help.
My company uses single sign-on (SSO), and it's not working.
Note: This applies to companies hosting their own Exchange (On-Prem) servers. For those signing in with Office 365, everything will be handled on Microsoft's end. However, if you wish to set up SSO with an Office 365 service, this is possible but would require additional steps such as setting up a Client Credential flow for email syncing. Please reach out to support@affinity.co for more information.
- If your organization is using SSO, and your identity provider supports OpenID Connect/SAML 2, then we can integrate this into our authentication process.
- Your IT team would then have to configure what's called an EWS Impersonation Account so we could sync data. You can see details to set this up here.
My company uses 2-Factor Authentication (2FA/MFA), and it's not working.
Note: This applies to companies hosting their own Exchange (On-Prem) servers. For those signing in with Office 365, everything will be handled on Microsoft's end.
- If 2FA is turned on for your organization, you may have to set up App Passwords for your team.
- Make sure the EWS URL the user entering is correct (see How to find your custom EWS URL).
- There may be a firewall in place that requires you to add our IPs to an allowlist. Our production IPs are: 35.161.157.96, 52.33.85.170, 44.238.55.17, & 44.241.84.7.
- Since Exchange On-Prem uses basic authentication (email/password), there may be settings preventing us from connecting. You can either turn this off or explore our SSO option if basic authentication does not work for your team.