Microsoft recently reported a potential risk associated with Microsoft Azure AD. This vulnerability could impact Gong customers who authenticate via Microsoft Azure/Office 365 (i.e., Microsoft is selected under Company Settings > Authentication > Common identity providers).
The issue may occur if Office365/Azure, when used as an identity provider, has been registered with more than one email address for the user: The primary email address, or preferred user name, and a secondary email address.
If your company uses Microsoft AD to authenticate and you are having trouble logging in, reach out to your Gong Technical Administrator to follow the steps outlined below.
The issue
Microsoft verifies the preferred email address by proving ownership of its domain via DNS record modification. When the preferred user name matches any of the user's emails in Gong there will be no authentication issue.
The secondary email does not have to be verified and can be spoofed, which creates a risk. If the user’s secondary email is used as a user name in Gong and is on a different domain than the preferred one, we cannot use the secondary email to login.
The solution
To address this, first confirm the user with the login issue is a valid Gong user. You can then do one of the following:
Solution 1: Click Company settings > Team members, select the user, and add their preferred user name email address to their Additional email addresses. This does not require customer support.
Solution 2: Click Company settings > General settings to view the domains that Gong has associated with your account.
Confirm that the preferred user name’s domain is missing from your company’s settings.
Contact Gong support by opening a customer support ticket to add the missing domain to your account.
After the missing domains are added, your Gong users who are associated with that domain will be able to log in.
For further assistance, open a customer support ticket.