The GUID cookie may be timing out if the user is not redirected back to saml2sso before the timeout.

No SAMLRequest or SPID parameter in request to SAML2 Single Sign-On Service.

Ending SAML2 Single Sign-On Service request processing with HTTP error 400.

Check the .har file for a GUID cookie in working and non-working flow.

In working, you will see the GUID cookie before saml2sso and in non-working, the GUID cookie is missing.

In the partnership, check the GUID timeout in, GUID Cookie Validity Duration (Seconds), which default value is 60 seconds.

Recommended increasing the timeout as a workaround for now and look into what is causing the delay in getting back to SiteMinder saml2sso.