Skip to content
InPolicy InPolicy Docs

Sign in for the first time

There’s no separate InPolicy password to remember. You sign in through your work identity provider — Google Workspace or Microsoft Entra — or you accept an emailed invitation from your admin and set a password on the way in.

Option 1: SSO (Google Workspace or Microsoft Entra)

Section titled “Option 1: SSO (Google Workspace or Microsoft Entra)”

Your admin has connected your organization’s identity provider. Sign-in is a redirect:

  1. Go to your tenant URL — usually https://app.inpolicy.ai or a subdomain your admin provided.
  2. Click Sign in with Google or Sign in with Microsoft.
  3. Approve the OAuth consent prompt the first time (your admin already approved the app for the organization; your personal consent covers profile and email scopes).
  4. You’ll be redirected back to InPolicy, signed in.

Your name, email, and avatar come from your identity provider. If you change any of those at the provider level, InPolicy will pick up the change the next time your admin runs a directory import (see Directory sync).

Option 2: Email invitation

Section titled “Option 2: Email invitation”

If your admin invited you by email, you’ll receive a message with a link that looks like:

https://app.inpolicy.ai/auth/accept-invitation?token=…
  1. Click the link. No sign-in is required to open it.
  2. Set a password on the acceptance screen.
  3. You’re in.

Invitation tokens expire after 7 days. If the link says “invitation expired”, ask your admin to resend the invitation.

Troubleshooting

Section titled “Troubleshooting”

”You don’t have access to this tenant.”

Section titled “”You don’t have access to this tenant.””

You aren’t in the directory yet. Ask your admin to invite you directly, or — if SSO directory sync is enabled — wait for the next sync.

”Domain not allowed.”

Section titled “”Domain not allowed.””

Your email domain isn’t on the tenant’s allowlist. This is controlled by an admin under Settings → SSO.

Section titled “The invitation link says “expired.””

Tokens expire after 7 days. Ask your admin to re-send — there’s no way to extend an already-issued token.

”Invalid token” or “token already used.”

Section titled “”Invalid token” or “token already used.””

Invitation tokens are single-use. If you clicked the link, accepted, and then tried again from the same email, that’s expected. Go to https://app.inpolicy.ai and sign in normally instead.

I signed in, but I can’t see any policies.

Section titled “I signed in, but I can’t see any policies.”

You’re probably on the default User role, which only sees published policies. If your team hasn’t published anything yet, there’s genuinely nothing to show. The empty state is the empty state.

What happens next

Section titled “What happens next”
  • Install the browser extension if your team uses it.
  • If you’re an admin, head to users and roles next.
  • Otherwise, you’re done — browse published policies from the Policies menu.