This is  a problem with the configuration of the SSO agent.

For example, the problem is in the call for "https://portal_URL.com/sigma/rest/resources/USERPIC/iibgw.jpg". This call fetches the user image. It is responded with 401 (unauthorized) because this directory is protected.

Please refer to the page "Protecting CA Identity Portal with CA Single Sign-On" in the product documentation and make sure the configuration matches what it describes:

Single Sign-On Authentication using Symantec SiteMinder

Pay special attention to Configure Agent Configuration Object details.   "/sigma/rest/resources" realm should be protected and the Agent Configuration Object must have the exact same IgnoreExt as in the documentation - ".class,.fcc,.scc,.sfcc,.ccc,.ntc,.css,.js,.woff,.woff2,.svg,.ttf,.eot,.json",
Ensure that "jpg" is not on that list.

This should solve this issue