We recently updated Clarity usernames to a new email domain name and users are not able to get in the application now. Our SSO teams shows that the login was successful but the user is not permitted in.

CLARITY/PPMSSO

Broadcom Support will engage the DevOps team to assist troubleshooting the SSO login issue.
Please provide:
1) Usernames reporting login issue
2) All URL's that work/do not work that they are using to login into Clarity (Prod, Test, Dev).
3) Full explanation of what happens at login (User logs in to Clarity but only seeing blank page, User is not able to get into Clarity at all, etc.).
4) Copy and send any error messages that the user gets on their machine locally or screen shot of the error.
5) If the customer's SSO IDP team is involved please have SSO logs included with any authentication issues happening on customer IDP side. Also include information such as any SSO transformation rules customer might have as they are sending the info to Broadcom Okta.
6) If authentication is hitting Broadcom Okta Support can have the SSO team check on the Broadcom Okta side.

User is getting the 400 error message after successfully entering in the PIV card or credentials in the SSO when logging in.
The solution was for the Broadcom SAAS Ops team to whitelist the customer's domain for this specific user.