After enabling SSO in our Clarity SaaS environment, some users are unable to log in despite being authenticated by our IDP (Azure).

The error '400 Login Failed - 400 Bad Request Error Code - GENERAL_NONSUCCESS' is seen when attempting to log in to Clarity.

Clarity 16.0.x, 16.1.x, 16.2.x, 16.3.x.

• The user record in your user directory is missing some attributes that are required (firstName, lastName, Email). These need to be sent by the IDP
• This could also be caused if the certificate at the directory is different from the one that was shared before with Clarity SaaS

• Ensure that the required attributes (firstName, lastName, Email) exist for the user in your user directory (e.g. Azure)
• After setting the required parameters in the directory, the user should be able to login successfully
• Ensure that there has not been any changes to the certificate.

See the Customer Setup section in the Federated SSO Implementation documentation.