Environment Details
On the Identity Provider Linked To Vanta test, you may see the following message:
"Unable to load user from identity provider.
Loading this user would cause there to be multiple active users in Vanta with the same email address."
Cause
When an email is synced from an Identity Provider (IDP) like Google Workspace, Vanta will automatically link any existing Human Resource Information System (HRIS) data with a person based on a combination of email address and name matching.
If the email account is deactivated in the IDP for any reason, then reactivated again, Vanta will detect this as 'new employment' and attempt to create a new user profile. This is done to show proof that during an employee's tenure at an organization, they successfully completed their onboarding and offboarding. If they are re-hired, a new user is created in Vanta to show that they have completed onboarding again.
If the previously connected HR Data is still active and connected to original IdP 'employment period', it's unable to create a new user profile for the updated employment period, and will result in this error.
Resolution
Navigate to People in the left-hand column under Personnel
Select the People tab on the left
Click on the More menu in the upper right and select Manage HR data from the dropdown
In the pop-up modal, select Linked and click the appropriate person's name in the Link To Person column
Select Clear from the dropdown
Then click Save in the bottom right corner of the modal
Navigate back to the Identity Provider Linked To Vanta test and click the Refresh icon found under the test name
You should now have two users with the same email in Vanta - a Former user representing their first employment period and a Current user representing their current employment. These dates are pulled from the IdP profile.
Navigate back to the Manage HR Data window and link the HR user data to the updated IDP user profile with the appropriate start date.