The user is not able to use the SSO link itself. When user tries using single sign on, he keeps getting redirected to the login page. If he then uses username and password, he is receiving an invalid password error.

The user will not be able to log in directly In CloudHealth. They do not yet have account created within Cloudhealth. 

They will have to login via SSO, but first need to have their user account provisioned similarly to other users within the same domain (randstat.it).  Your IDP Admin needs to enable the user account in order for them to successfully login via SSO. Once SSO is enabled within a tenant, there is no way to manually invite users for security reasons.

Customer will need to work with their IdP admin / user admins to ensure the user is provisioned similarly to other users within the same domain. 

Once this is done, a CloudHealth Admin within your CloudHealth tenant can then work through the following process to add the user to the correct user groups through manual assignment - https://broadcomcms-software.wolkenservicedesk.com/external/article?articleNumber=283855