You have configured the IdP in SES integration for SAML 2.0 authentication to the console.
After testing the solution, you run into the error while logging:
ICDm / SES cloud console with IdP configured:
https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-security/sescloud/Administrators,-Passwords,-and-Authentication/configuring-a-saml-2-0-based-identity-provider-for-v131783916-d4161e9772.html
One of the possible causes of the failure is using friendly names in the IdP attribute mapping instead of the name.
The recommend approach is to gather HAR file while replicating the issue.
https://knowledge.broadcom.com/external/article/205795/how-to-generate-har-file.html
Check the SAML assertion and compare it against the configured attribute map. Ensure that the names from the assertion are matching the configured ones in the map, and if there are any discrepancies, fix the names in the map in accordance to the assertion.
Make sure to not use the friendly name. Example of the line and names from the assertion:
<saml2:Attribute FriendlyName='friendly_name_mail' Name='example_ID'
Do not use "friendly_name_mail' but 'example_ID'.
If you have issues with logging to the console due to the misconfigured SAML, sign in to the console using the direct link: https://us.securitycloud.symantec.com/oidc/authorize?okta_admin_flow=1