Help center support eXpress

We have collected answers to all the most popular questions to make it easy and convenient for you to use eXpress. If you do not find the answer to your question, please contact our support team.

Registering & Logging In

Registering & Logging In

Registration in the App

To use the app, you need to install it, register, and log in.


During registration, credentials are created, and the first login to the app occurs. You can register as:

After registration, you can log in to the app from an unlimited number of computers and mobile devices.

For Administrators: How User Registration Works

First, a personal account is created on RTS (eXpress) and/or on ETS (branded ETS app). For the personal account, the user’s HUID, which identifies them in the system, and encryption keys are generated (these can be additionally secured with a personal password in the app settings).

Next, the user can remain on RTS as a public user (only in eXpress and only via phone number) or link their personal account to a CTS/ECTS account, becoming a corporate user (mandatory in an ETS app and in the eXpress Corporate app).

Ways to Log In to the App

Registration and login to the app can be done in different ways. If registration without a phone number is enabled by the administrator and the corresponding login methods are available, you will see the following buttons on the app login screen:

  1. QR code. If you are already logged in to the app on another device, you can quickly log in on the current device using a QR code. Available to all corporate and non-corporate users under any server settings.

  2. Phone and credentials. When registering with a mobile phone number, you become a public user with limited functionality (e.g., unable to create conferences) until switching to a corporate account. In the branded ETS client app, logging into a corporate account is mandatory. Credentials are provided by your organization. Re-login on other devices is possible via phone number or QR code. In older versions of the app or if registration without a phone number is disabled, this is the only available method.
    ⚠️ Recommended registration method! A phone number provides additional account protection and preserves correspondence when changing credentials. It can be added later, but only if it is not linked to another account.

  3. Corporate email. Requires a pre-configured corporate account and setup of simplified authentication. Credentials are provided by your organization. Not available for public users. Re-login is possible via email (if simplified authentication is configured), server address, or QR code. Not supported in the Aurora app.

  4. Corporate server address. Requires a pre-configured corporate account. Credentials are provided by your organization. Not available for public users. Re-login is similar to the corporate email method. Not supported in the Aurora app.

If registration without a phone number is disabled in your organization or an outdated version of the app is used, the login screen will contain a field for the phone number with a Log in with QR code button.

Where to Get a Corporate Account?

You cannot create a corporate account on your own. To obtain a corporate account, access, and instructions, contact your organization's support team. There, you can also verify the work email, login, password, domain, and check if the account exists on the server.

Brief general instructions (can be printed on A4 sheet): Download PDF.
Instructions for end users are available here.

Phone and Сredentials

The classic registration and authentication scheme using a phone number.

Phone Number Authentication Scheme Phone number authentication scheme
When registering with a phone number in eXpress, you can skip connecting to the corporate server and remain on the public server. In the dedicated ETS client app, skipping the connection to the corporate server is not possible.

1. Entering a Mobile Phone Number

Enter your phone number to receive a confirmation code via SMS. Your HUID and encryption keys will be linked to it. If configured, you may also need to pass a Captcha verification.

2. Entering the SMS Code

Enter the confirmation code from the SMS. After this, your encryption keys and personal account will be created on the RTS (eXpress) and/or ETS (a custom app).
Attention! When registering or logging into eXpress using a phone number, the number of attempts to receive an SMS is limited. This block can be removed via support. There could be also a daily limit from the SMS provider (10 attempts), which cannot be removed — you must wait 24 hours.
If the code does not arrive or an error occurs, do not request it again but contact support immediately. In a branded ETS app, other restrictions set by the administrator may apply.

3. Specifying a Name and Uploading an Avatar (Only in eXpress)

Specify a name and upload an avatar for your personal account on the RTS. This step is only available in eXpress. The avatar for a corporate account can be changed later in the profile settings if permitted by the administrator.

4. Entering an Email Address

The system will check the email for an associated corporate server.

You can enter any email — if no server is found, you will log in as a public eXpress user (except in the branded ETS app, where this is not possible).

In eXpress, there is a Skip button, which will log you into the public server when used. In the branded ETS app or when manually connecting via Settings > Profile > Corporate Information > Connect, the Skip button is unavailable. In the eXpress Corporate desktop app, clicking this button will prompt you to enter the corporate server address, as registration on the public server is not allowed in eXpress Corporate.

After detecting a server, depending on its settings, you may need to:
  • select a server (check with your organization’s support team),
  • enter credentials,
  • confirm logging in using a code from the email message,
  • or manually enter the server address.
Explanation for Administrators This step involves searching for domains associated with the email (if simplified authentication is configured).
  • If the server is found and the user exists, the short authentication screen for CTS will open (5.1).
  • If the server is not found or Skip is used (only in eXpress):
    • in eXpress — login as a public user,
    • in the branded ETS app or when manually connecting via Settings > Profile > Corporate Information > Connect — proceed to the long authentication screen for CTS (5.2).

5.1 Server Authentication (Short Path)

Enter your credentials to connect to the corporate server. The authentication method depends on the server settings:
  • NTLM: login, domain (may be prefilled automatically), and password are required.
  • Email: confirmation code from the email.
  • OpenID: KeyCloak form (if errors occur, check the Keycloak accountvia your organization's support team).
When logging in again, you can log out of the server using the Logout button (a request for logout). If the administrator confirms the logout, the same device will be required to log in again.

5.2 Entering the Address and Server Authentication (Long Path)

This step is required if:
  • simplified authentication is not configured,
  • the user is not found on the server (in a branded ETS app),
  • you selected Settings > Profile > Corporate Information > Connect in eXpress.
Steps:
  1. Enter the corporate server address.
  2. Enter the credentials for CTS authentication (similar to 5.1).

    Upon successful authentication, one of the following screens will open:

    If the credentials are incorrect or the user does not exist, an error message will appear.


Re-login is similar to 5.1.


6. User Agreement and PIN Code

If configured by the administrator, set a PIN code and accept the user agreement.

7. Entering a Personal Additional Protection Password

If you have a personal password for encryption keys, enter it. For more details, see information here.

8. Opening the Chat List or Home Page

Done! You have logged into the corporate server.

Corporate Email

Authentication scheme using a corporate email address. Login without a phone number. Requires an existing corporate account and configured RTS or ETS simplified authentication (suggests).

⚠️ Not supported in the Aurora app.
Corporate Email Authentication Scheme Corporate email authentication scheme
Attention! If you previously logged in with a phone number, use the Phone and Credentials button or Connect in profile settings. Otherwise, linking a new number will result in message history loss.

1. Entering an Email Address

The system searches for an organization server using the entered email. Then, depending on server settings, you may need to:
  • select a server (check with your organization's support team),
  • enter credentials,
  • confirm login with a code from the email,
  • or manually enter the server address.
Explanation for Administrators At this step, RTS or ETS searches for domains associated with the email (if simplified authentication is configured).
  • If the server is found and the user exists — proceed to step 2.
  • If not configured — "Corporate email not found" error.

2. Server Authentication and Phone Number Verification

  1. Enter authentication data (depends on the corporate server's authentication method):
    • NTLM: login, domain (may be prefilled automatically), and password are required.
    • Email: confirmation code from the email.
    • OpenID: data in the KeyCloak form (for errors, check your Keycloak account with your organization's support team).
    When logging in again, you can log out from the corporate server using the Logout button (request for logout). The same device will be required to log in again.

  2. Phone number verification:
    • If the number is not found or already confirmed — proceed to step 3.
    • If the number is detected — you'll need to confirm it and re-enter your data.
    When entering a number not associated with the server, you'll be redirected to the phone number authentication scheme.

3. User Agreement and PIN Code

If configured by the administrator, set a PIN code and accept the agreement.

4. Entering a Personal Password

If you have a password for encryption keys, enter it. For details — see information here.

5. Opening the Chat List or Home Page

Done! You have logged into the corporate server.

Corporate Server Address

Authentication scheme using a corporate server address. Login without a phone number. Requires an existing corporate account.

⚠️ Not supported in the Aurora app.
Corporate Server Address Authentication Scheme Authentication Scheme Using Corporate Server Address
Attention! If you previously logged in with a phone number, use the Phone and Credentials button or Connect in profile settings. Otherwise, linking a new number will result in message history loss.

1. Entering a Corporate Server (CTS) Address

Enter your corporate server (CTS) address. Its discovery will be performed on RTS (eXpress) or ETS (custom ETS app).

2. Server Authentication and Phone Number Verification

  1. Enter authentication data (depends on the corporate server's authentication method):
    • NTLM: login, domain (may be prefilled automatically), and password are required.
    • Email: confirmation code from the email.
    • OpenID: data in the KeyCloak form (for errors, check your Keycloak account with your organization's support team).
    When logging in again, you can log out from the corporate server using the Logout button (request for logout). The same device will be required to log in again.

  2. Phone number verification:
    • If the number is not found or already confirmed — proceed to step 3.
    • If the number is detected — you'll need to confirm it and re-enter your data.
    When entering a number not associated with the server, you'll be redirected to the phone number authentication scheme.

3. User Agreement and PIN Code

If configured by the administrator, set a PIN code and accept the agreement.

4. Entering a Personal Password

If you have a password for encryption keys, enter it. For details — see information here.

5. Opening the Chat List or Home Page

Done! You have logged into the corporate server.

QR Code

If you are already logged into the app on one device (mobile or computer), you can quickly log in on another using QR code. Entering a password or credentials will not be required. If you have not previously logged in on other devices or cleared sessions, full authentication will be necessary.

Logging Into a Mobile Device via Computer

In the desktop or web app on your computer, go to Settings (avatar button) > Open sessions > eXpress Mobile. In the mobile app, on the login screen, tap Log in via QR Code and scan the code displayed on your computer.

Logging Into a Computer via Mobile Device

In the mobile app, select Settings (avatar button) > eXpress Web. On your computer, open the QR code screen (if needed, click Back to start or Clear data) and scan it from your phone.

QR codes refresh every minute. If you scan an eXpress Mobile code instead of eXpress Web, the error Incorrect QR Code. Try again. (Android) or Can’t parse registration JSON (iOS) will appear. Also, the QR code will not display on your PC if the desktop app window or web app tab is not in focus (click inside the window with your mouse).


Sessions and Logging in on Another Device

The app can be used on an unlimited number of devices, but only one user can work in it at the same time.


Current active sessions on other devices are displayed in the app settings under Open sessions. Your current session cannot be seen in the list. Sessions on different devices are also visible to the administrator in the "Activations" section of the admin panel. The last activity of a session is considered the time the client app connected to the server. On the corporate server, sessions have a special identifier — UDID.

I Changed the Device for Working With the App, What Should I Do?

If you are switching to a new device, follow these steps:

  1. Log in on the new device using one of the following methods:
    • via QR code,
    • via the mobile phone number linked to the app,
    • via email,
    • via the corporate server address.
  2. Close the session on the previous device:
    • Via the old device: Settings (avatar button) > Close session;
    • Via the new device: Settings (avatar button) > Open sessions > close the session of the previous device (with the "X" button or by swiping on iOS).

Additional Data Protection — Personal Password and PIN Code

A personal password and PIN code can be created as an additional measure to protect your data. To create them, after logging into the app, open Settings (avatar button) > Additional Data Protection.


In previous versions of the app (before 2.21 for mobile and before 2.6 for web/desktop), a personal password was mandatory during registration.


Depending on your organization's configuration, you may also be required to create a PIN code during registration.


Only you know your personal password and PIN code. Neither the vendor, developers, nor administrators can recover or change them. The personal password is linked to a personal account. If the same phone number is used for login, the password will be required even when switching between corporate servers — until you opt out of it.


On mobile devices, when the PIN code is enabled, biometrics can be used instead of entering the code.

What to Do If You Forgot Your Personal Password

  1. Try to recall the password: after exhausting attempts, the system will return you to the initial login page, where you can try again.
  2. The personal password can be changed if the app is open on another device (e.g., you are logging into the mobile app while an active session is running on the web app on a computer, or vice versa). The password is changed in settings:
    App Version How to Change the Personal Password
    Android Settings (avatar button) > Additional Data Protection > enter a new password and confirmation > Done
    iOS Settings (avatar button) > Security > Additional Data Protection > enter a new password and confirmation > Done
    Web/Desktop Settings (avatar button) > Main Settings > Additional Data Protection > enter a new password and confirmation > Done
  3. If you are already using the app on a computer, you can log into the mobile version via a QR code, and vice versa:
    • Logging into the mobile app via a computer: In the desktop/web app, select Settings (avatar button) > Open Sessions > eXpress mobile. In the mobile app, on the login screen, tap Log in via QR code and scan the code from the computer screen. No credentials will be required.
    • Logging into the computer via a mobile device: In the mobile app, select Settings (avatar button) > eXpress WEB. On the computer, return to the QR code screen (you may need to click Back to start or Clear data) and scan it from your phone. No credentials will be required.
  4. Or reset the password by selecting Reset Password on the login screen.
    Warning! Resetting your personal password will irreversibly revoke access to all chats, as new encryption keys will be generated. If you change the password (instead of resetting it), the chats will remain intact because the keys stay the same.
    Resetting the password terminates all active sessions (you will be logged out), while changing the password does not (sessions remain active).

You can opt out of the personal password without losing chats in Settings (avatar button) > Additional Data Protection, but this is not recommended, as it lowers data security.


If the Additional Data Protection section does not have a Refuse Password button, it means you have already opted out or never created one.

What to Do If You Forgot Your PIN Code

On the PIN code entry screen, tap Forgot PIN?. The current PIN code will be deleted, the session will end, and you will need to log in again. No data will be lost. If necessary, you can set a new PIN code.


Registration & Logging In Troubleshooting

If you encounter issues with registration or signing in to the app, try clearing the local cache.


Check the instructions for the error below. If that doesn’t help, collect the app sign-in logs and contact eXpress support.

Error After Requesting an SMS Code | SMS Code Is Incorrect or Not Received

Possible errors:

  • “The server is temporarily unavailable”
  • “The server with the specified hostname could not be found”
  • “Error sending SMS, try again later”

What you can do:

  • Disable VPN or proxy, try another network.
  • If you recently changed your SIM card or mobile carrier, wait 24 hours.
  • Check your phone number. Only mobile numbers are supported. Ensure the country is correct — some SMS providers do not send codes to certain countries.
  • Ensure you haven’t exceeded the SMS code limit. For eXpress — no more than 7 requests per day. In a custom ETS app, the limit may differ. If the limit is exceeded, contact eXpress support.
    For Administrators: SMS Limit Exceeded

    Limits for the Russian RTS: no more than 7 requests. Contact eXpress support to find out limits on other RTS. Check the block in the ETS/RTS admin panel (“Security” > Unblock user). For ETS, the administrator can set custom limits. For RTS/CTS, there’s also a daily SMS provider limit—10 attempts (block is lifted after 24 hours).


    To check SMS status, in the “SMS Statuses” section, enter the number (with country code, without “+”). The one_number_limit_exceeded error means the limit is exceeded. The user can try again after 00:00 or sign in via QR code.

    For Administrators: Bad Request Error, Reason: Blocked

    The error means the number is blocked due to frequent SMS requests or an administrator’s restriction.

    For ETS: unblock the number in SMS > Security. For RTS, contact eXpress support. Limits are configured in the same section.


    If the number is listed in Filter by phone, remove it and restart the authentification service. The authentification logs for such a number will show Blocked by phone number XXXXXXXXXXX.

  • If the account is linked to a non-working corporate server, contact eXpress support.
  • There may be issues with the SMS provider or carrier. Ensure the carrier hasn’t blocked automated SMS or restricted SMS codes.
    For Administrators: SMS Provider or Carrier Issues

    Check the sending history in the SMS Statuses section. If SMS isn’t delivered, check with the provider—the subscriber may have blocked automated messages.

  • Check the code input. Each code is valid until a new one is requested. SMS requests can be sent no more than once per minute.

“URL Not Supported” When Requesting an SMS Code on iOS

Reinstall the app. If that doesn’t help, contact eXpress support.

Unhandled_service_error | “An Error Occurred” After Entering the SMS Code

The error may only appear in the logs.

Possible causes:

  • The corporate server is unavailable or data is incorrect.
  • The server certificate is expired or issued incorrectly.
  • Rarely—account deletion and re-registration are required (see below).

Contact your organization’s support team or eXpress support.

For Administrators: Corporate Server Is Down

If the server linked to the user is unavailable, check its status via eXpress support. You may need to delete the server on RTS.

For Administrators: Duplicate RTS Account (2022 Issue)

Some users registered in 2022 had duplicated accounts. eXpress support will check and fix the issue.

For Administrators: Certificate Issues

Errors in the browser console ((Fn +) F12 > Console tab): ERR_CERT_AUTHORITY_INVALID, or in the authentication logs: Trust anchor for certification path not found, javax.net.ssl.SSLHandshakeException: Handshake failed, indicate certificate issues. Check:

For Administrators: Different HUID on RTS

eXpress support will check and fix the account.

For Administrators: Account Deletion and Re-Registration in ETS App Required

If other methods didn’t help:

  • Log the user out.
  • Install eXpress, sign in with the same phone number.
  • Delete the account via eXpress: Settings > Profile > three dots > Delete Account.
  • Register again in the ETS app.

“Login Without a Phone Number Is Not Allowed” Error

The error occurs when trying to sign in via email or server address. The administrator has disabled sign-in without a phone number. Use a phone number.

Incorrect Login or Password for Corporate Account

The authentication logs will show the invalidCredentials error.


Check the corporate server sign-in details. The username, password, and server address can be confirmed with your organization’s support team.

For Administrators: User Is Missing on the Server

The error may occur if the user isn’t synced with the corporate directory. Configure synchronization, run it manually, or wait for it to complete.

For Administrators: AD Requires Password Change on Next Login

If the User must change password at next logon flag is set in AD, clear it — the user can sign in with the new password.

For Administrators: AD User Principal Name ≠ User Logon Name

If the fields differ in AD, the user must enter:

  • Login — UPN,
  • Password — domain password,
  • Domain — leave empty.

Maximum Number of Authentication Attempts Exceeded

The block is lifted automatically (default: after 10 minutes). If you’re signed in on another device, use the QR code. If the password is lost or you can’t sign in, contact your organization’s support team.

“User Not Found”, “User Not Registered on the Server”, or “Email or Login Not Found” Errors

Possible causes:

  • Incorrect login, password, or email address entered;
  • The corporate server account has not been created yet, or there is an issue with directory service synchronization.

Check the entered data. Try entering the corporate email in lowercase. If the issue persists, contact your organization’s support team.

For Administrators: User Not Registered on the Target Corporate Server
  1. Find the user in the CTS/ECTS admin panel under Users.
  2. In the Audit section, ensure the user is not registered and the correct email is specified.
  3. If the user is registered, provide the user’s phone number to eXpress support for verification.
For Administrators: User Account Blocked in AD

When an account is manually blocked in AD, the user is redirected to the server address entry screen. A logout request appears in the admin panel. Upon subsequent login attempts, the user receives the error Incorrect login or password or User not found.

Solution: Unblock the account in AD or perform manual synchronization to create a new user account (if applicable): Registration Settings > Sync.

For Administrators: User Enters Incorrect Authentication Data

Verify the login and email the user is using. You can request a screenshot of the error — it will show the server name. If the data is correct, ask the user to clear the cache or reinstall the app.

For Administrators: AD User Not Displayed in the Admin Panel
  1. Check if the user is in the AD synchronization group.
  2. Wait for synchronization to complete or perform it manually: Registration Settings > Sync.
  3. If the issue persists, collect logs from the ad_integration service and contact eXpress support.
For Administrators: AD User Missing Email in the Admin Panel
  1. Check the number of user accounts. A name change may have created a new account. If there are two, log out the old account and sync with AD.
  2. If unresolved, enable debug logging for the ad_integration service, collect container logs, and forward them to eXpress support.

“User Already Registered”, “This Login Already Used”, or “This User is Already In the System” Errors

Possible causes:

  • Using a New Phone Number
    You are trying to log in with a number not used during registration. Enter the original number or link a new number (if allowed by your administrator).
    For Administrators: User Uses a Different Phone Number

    Verify the phone number. eXpress support can check the number’s association to CTS/ECTS. If unlinked, ask the user to enter the original number.

    For Administrators: Cached Old Number in Use

    The error occurs if the user forgot the number and is mid-authentication. Restart the process. If unresolved, check ad_integration service logs.

  • Number Linked to Another Account
    If you changed employers, contact the previous employer to log out the account. Corporate correspondence is company property; the former employer must log it out. The app may have had a different name, not eXpress.
    For Administrators: Number Linked to Another Server

    Check the number link via eXpress support (on RTS) or the admin panel (on ETS). If linked to another server, request user logout via eXpress support.

  • Active Directory Credentials Changed
    If AD login or password changed (e.g., due to a name change), contact your organization’s support team to log out the old account and switch to the new one.
    For Administrators: AD Login Changed
    1. Log out the old account.
    2. Sync with AD: Registration Settings > Sync.
    3. Verify the user’s email in the admin panel.
    4. Ask the user to log in with new credentials. ⚠️ To retain correspondence, they must log in to the same server with the same phone number, then rejoin group chats and channels!
    For Administrators: Error After AD Password Change

    Click Clear cache in the user’s admin panel profile. To prevent future issues, uncheck User must change password at next logon in AD.

  • Login Attempt with Number After Numberless Registration
    You previously logged in without a phone number, then logged in to the same server with one. These are technically different accounts. To link the number to the “numberless” account:
    1. 1. Log in with the phone number (skip corporate data entry).
    2. 2. Delete this account.
    3. 3. Log in to the corporate account without a number and link the freed number (if allowed by your administrator).
    For Administrators: Login Method Mismatch

    Verify if a number was used during registration. Assist the user in deleting or changing the number in the profile if needed.

  • Login Attempt via External Client Account
    Logging in via an external client account is not allowed.
    For Administrators: Login via External Client Account

    Accounts in the “External client users” section are for conferencing terminals only. Change the external client account’s email in the “Users” section to another one so the user can log in to the correct regular account with their email.

  • Numberless Login When Disallowed
    If the administrator disabled numberless login, contact your organization’s support team to temporarily allow numberless login so you can add a number.

Network Error When Connecting to the Server

Possible error messages:

  • “Network error, check your connection to the server”;
  • “The server with the specified hostname could not be found”;
  • “Pairing error” when scanning a QR code;
  • “Your Internet connection may have been interrupted”;
  • “Could not resolve host”.

The error is usually related to network issues, ISP problems, server settings, or an incorrect certificate. To resolve:

  • On mobile, switch between Wi-Fi and mobile data (LTE) or disable “Airplane mode”.
  • Try tethering from another device or using a different ISP.
  • Disable VPN, ViPNet, proxy, firewall, or antivirus. Add the app to exceptions. Check and grant required network access.
  • In the web version, disable browser extensions or proxies (e.g., friGate) that may affect traffic.
  • If your organization uses a third-party certificate, install it (contact your organization’s support team or eXpress support).
  • Try clearing the cache or reinstalling the app.
  • Wait a few minutes and try again.

If unresolved, contact your organization’s support team or eXpress support.

For Administrators: Numberless Login to an Outdated Server

Regularly update server software.

For Administrators: Registration Method and Certificate Diagnostics

Open the following link in the user’s and your browser:

https://server_address/api/v2/ad_integration/register_methods
  • If the link fails only for the user, check their VPN, ViPNet, proxy, antivirus, or browser extensions. Ensure required network access is granted. In the web app, check the browser console (Fn + F12 > Console tab) for errors.
  • If the browser reports certificate issues, check the certificate.
  • If register_metod_not_set appears, select a registration method and sync source in the admin panel (Registration Settings), then click Save.
For Administrators: Desktop Client Misconfiguration

In organizations with restricted internet access, the desktop client settings must specify the correct hostname matching the proxied web app.

For Administrators: Incorrect Number of CTS Encryption Keys
  1. Open the web app and browser console (Fn + F12 > Console tab). Look for a 400 response to the register_confirm request.
  2. On the server, collect ad_integration service logs. Look for entries like: 
    
2021-10-19T12:52:34.998418907Z 2021-10-19 12:52:34.991 request_id=Fq9vp4IcJ-0j9u0AiWUB [info] POST /api/v1/ad_integration/register_confirm
2021-10-19T12:52:35.138010731Z 2021-10-19 12:52:35.133 [error] The number of cts keys isn't one: []
2021-10-19T12:52:35.142127307Z 2021-10-19 12:52:35.133 request_id=Fq9vp4IcJ-0j9u0AiWUB [info] AdIntegrationWeb.Api.RegistrationController.register_confirm error: %ApiController.Error{code: 400, error_data: %{}, errors: [], reason: :keys_error}
  3. Resetting the user’s encryption key password will help generate new keys. ⚠️ Correspondence will be lost!

“Corporate Email Not Found” Error After Entering Email

This error may appear in two cases:

  • You selected sign-in via corporate email on the first screen. Check if the email is entered correctly, choose another sign-in method, or contact your organization’s support team or eXpress support to set up simplified authentication for automatic server discovery.
  • The error appeared on the email confirmation screen. Make sure the address is entered correctly or contact your organization’s support.

“Corporate Server Address Not Found” Error After Entering Server Address

Check if the address is entered correctly, whether there are any network issues, or contact your organization’s support team or eXpress support.

For Administrators: Diagnosing Server Address Errors

Additional possible causes:

  • The server software version is below 3.13.
  • The registration type is not specified in the Registration Settings section of the admin panel.

“Please Use a Special Application…”, “Please Use Other Application Version…” Errors

This error occurs if:

  • You are trying to connect to an eXpress corporate server, but your account is linked to an ETS app server, or vice versa.
  • You changed jobs, and your previous employer did not log out of your account on the old server. Contact them or eXpress support. For details, see account logout.
  • You are trying to sign in without a phone number, but the administrator has prohibited such sign-ins. For details, see sign-in with a phone number required.
For Administrators: Unable to Sign In to ETS After Logout (Backend Below 3.9)

If a user switched from one ETS app to another but the old ETS ID is displayed in the profile, follow these steps:

Method 1: Direct Database Update

If you have database access, run the command:

ets_phonebook_prod=# update users set ets_id = null where huid = 'USER_HUID';

Method 2: Console Commands (If Database Access Is Unavailable)

  1. Access the ets_phonebook_1 console:
    docker exec -it ets_phonebook_1 sh ./bin/ets_phonebook remote_console
    or:
    dpl --dc exec phonebook sh ./bin/ets_phonebook remote_console
  2. Run the code:
    defmodule ETSPhonebookWeb.ClearIds do use ETSPhonebookWeb, :command alias ETSPhonebook.Models.User alias ETSPhonebook.Queries.UsersQueries alias ETSPhonebook.Repo def execute(huid) do with {:ok, user} <- UsersQueries.by_huid(huid), {:ok, _} <- update_local_user(user) do :ok end end defp update_local_user(user) do user |> User.changeset(%{cts_id: nil, ets_id: nil}) |> Repo.update() end end
  3. Apply the changes:
    ETSPhonebookWeb.ClearIds.execute("USER_HUID")

Note: This issue is fixed in server software version 3.9.

"cts_registration_not_supported” Error When Logging in via QR Code

The issue is related to the corporate server. Contact your organization’s support team or eXpress support to restore the server.

“Connection error, please contact your administrator” Error When Logging in via Email or Server Address

Contact your organization’s support team to update the app's server part to the latest version. Until updated, only phone number or QR code login is available.

“Can't read RTS keys” Error When Logging in via QR Code from iOS to Web/Desktop App

The mobile app uses incorrect keys due to outdated version or login issue.


Solution:

  1. Close the session in the iOS app.
  2. Log in to the iOS app again (without QR code).
  3. Retry logging in to the web/desktop app via QR code.

“Error loading public keys” in iOS App

Reinstall the app and try logging in again. If the error persists, contact eXpress support.

“Error while connecting to Active Directory via NTLM”

The issue is caused by group policy settings. Contact your organization’s support team.

For Administrators: Configuring Group Policy or Changing Registration Method

If the NTLMv2-related error occurs on different devices, do one of the following:

  • In the domain group policies, clear the Require NTLMv2 Session Security checkbox.
  • Or change the registration method from NTLM to Email in the corporate server settings.

“Request_invalid_signature” Error When Logging in to Corporate Server

The error occurs due to incorrect time settings on the device.

  • Android. Enable automatic time and time zone settings on the device. Relog in to the app.
  • iOS. Enable automatic time settings (or toggle off and on this setting) on the device. Reinstall the app and log in again.
  • Web/Desktop. Configure computer time synchronization with an NTP server (if needed — via your organization’s support team). Relog in to the app.

“SSL Error”, “Server Connection Error”, “Connection Error” on Android When Entering Phone Number, Email, or Server Address

Update the app. If that doesn’t help, contact your organization’s support team or eXpress support.


For Administrators: Check the certificate.

“Authentication error. Please try again later” When Scanning QR Code

If phone number login works but QR code login doesn’t, contact your organization’s support team to check the server.

For Administrators: Check Registration Attempt Limit

Request web/desktop app logs from the user. For the registration_confirm_attempts_exceeded error in the admin panel:

  • Go to Registration Settings > Email.
  • Ensure the Maximum Attempts field is set to at least 5.

If the field is empty, the default is 3 attempts.

Unexpected Session Logoff or Redirect to Login Screen

Possible causes:

  • The session was terminated by the server administrator.
  • Browser cache cleared (in web app) or credential keys deleted (in desktop version) in Windows Credential Manager or keychain (macOS, Linux).
  • VDI usage without additional settings.

If the issue persists, contact your organization’s support team or eXpress support.

For Administrators: Diagnosing Unexpected Session Logoff

Check:

  • Whether cache is cleared on client computers or VDI is configured.
  • Events in the Audit section of the admin panel. If the session was terminated by a user, it will be shown in their activation (under Activations) as the closed_by_user_request.
  • Active Directory Sync Settings (e.g., password change or group removal may automatically end sessions).
  • Activation lifetime in the Activations section in the admin panel.
  • KeyCloak access token expiration.

Profile Creation Error | “Cannot Decrypt RTS Access Token” Error

If an error occurs after logging into the corporate server in the web or desktop app, and the message “Creating profile error” appears on Android when connecting to CTS, the account requires correction on the server. Contact your organization’s support team or eXpress support.

For Administrators: Fixing RTS ID

The error may occur if:

  • the user registered on the Russian RTS and then changed the country in the web app;
  • the user registered on a foreign RTS but is trying to log in from a mobile device.

In this case, the registration request may be sent to the wrong RTS where the initial registration took place. The logs display the error:

{ "error_data": {}, "errors": [ "Cannot decrypt RTS access token" ], "reason": "request_invalid_signature", "status": "error" }

Solution: update the user’s rts_id on CTS by specifying the value from their personal account on RTS. To do this:

  • Confirm the user’s rts_id with eXpress support.
  • Run the following commands in the console: cd /opt/express dpl --dc exec postgres psql -U postgres \c ad_phonebook_prod update users set rts_id = 'required_rts_id' where huid = 'user_HUID';

Note: the issue is resolved in version 3.22 of the server and client software.

Warning “Add a Telephone Number: The Administrator has Prohibited Login without a Telephone Number”

If this message appears when logging into the app:

  • add a phone number to the profile;
  • or contact your administrator (via your organization’s support) — the requirement may need to be disabled in the server settings.

Errors “An Error has Occurred. Try Again Later” and “Number of Attempts to Send Code Exceeded” (Email)

The authentication logs display the max_failed_email_sending_attempts_reached error.


Cause: the daily limit for sending email codes from your IP address has been exceeded.


What to do:

  • try again after 24 hours;
  • or contact your organization’s support team.