I have one ( and only one ) user who is having difficulty logging in to my prod instance via SSO. Everyone else can log in just fine.

This user is getting a "400 error" when trying to authenticate from the okta server. I have attached a screenshot of it. He is using a chrome browser.

Release : 15.8

Component : CA PPM SAAS OPERATIONS SSO

Please check that your IDP is sending the correct value for NameID as part of the SAML assertion sent to Broadcom.

At times, some users may have a different value for their login in the IDP in contrast to what is in Clarity.

For example:

The IDP sends 123abc@<domain>

but the user name in clarity is:  jsmith@<domain>

If your IDP administrator cannot find the problem, Broadcom Technical Support can have you run a SAML trace via a browser extension in Chrome.