Azure IDP internal error logging in with ZTNA


Article ID: 396661


Products

Symantec ZTNA

Issue/Introduction

The ZTNA admin configured Azure IDP as the Identity Provider via the ZTNA Portal, and the service shows as ONLINE.

Admin is then able to add selected Azure users to application policies without problems.

When a user attempts to log in to the ZTNA domain by entering their email address, they immediately get the following error:

"Internal error occurred. Please try again or contact your system administrator."

There is no redirect to Azure at all, even if we set Azure to be the default Identity Provider.

Previously it worked, but we had an error, and we attempted to recreate the redirection link because it gave us an invalid token error (and we checked it's configured with OIDC).

Environment

ZTNA.

Azure Identity Provider.

Cause

Space characters were present at the end of the Application ID that was cut and pasted into the ZTNA Portal.

Resolution

Remove the blank space characters from the end of the Application ID.

You can see the space characters at the end of the Application ID (or tenant ID) by placing the cursor at the end of the field and verifying, as shown in the example below.
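Independently of the visual check in the portal field, a copied Application ID or tenant ID can be checked before it is pasted. The Python below is an added example, not part of the original article or of any Symantec tooling; it assumes both IDs are GUIDs, as Azure issues them, and the function names and sample values are constructed for illustration. It goes beyond plain spaces to cover invisible characters such as a zero-width space, which a normal `strip()` leaves in place.

```python
import re
import unicodedata

# Azure application (client) IDs and tenant IDs are GUIDs: 8-4-4-4-12 hex digits.
GUID_RE = re.compile(r"[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")


def is_invisible(ch):
    """True for whitespace, control and format characters (e.g. zero-width space)."""
    return ch.isspace() or unicodedata.category(ch) in ("Cc", "Cf", "Zs", "Zl", "Zp")


def check_pasted_id(raw):
    """Return (cleaned, findings) for an ID copied from the Azure portal.

    cleaned: the ID with leading/trailing invisible characters removed, or None
    if what remains is not a GUID (for example, a space in the middle).
    findings: (index, codepoint, name) for every invisible character in raw.
    """
    findings = [
        (i, "U+%04X" % ord(ch), unicodedata.name(ch, "UNNAMED CONTROL"))
        for i, ch in enumerate(raw)
        if is_invisible(ch)
    ]
    start, end = 0, len(raw)
    while start < end and is_invisible(raw[start]):
        start += 1
    while end > start and is_invisible(raw[end - 1]):
        end -= 1
    core = raw[start:end]
    return (core if GUID_RE.fullmatch(core) else None), findings


if __name__ == "__main__":
    # Constructed sample values, not real IDs.
    samples = {
        "application_id": "11111111-2222-3333-4444-555555555555  ",
        "tenant_id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee\u200b",
    }
    for field, value in samples.items():
        cleaned, findings = check_pasted_id(value)
        print(field, "->", cleaned)
        for index, codepoint, name in findings:
            print("  invisible character at index", index, codepoint, name)
```

Any entry in `findings` means the pasted value differs from the ID Azure issued; paste the `cleaned` value into the ZTNA Portal instead.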