There can be multiple reasons to receive Error 400 after enabling SSO. The most common reason for this error is that the domain for your identity provider has not been verified. Below are the steps to resolve this error:
Important: To perform the following steps, you will need DNS Setting Permissions to make the following changes. If you do not currently have permission to make these changes, please send these instructions to your IT/Admin Team for further review.
- Navigate to Administration
- Select Identity Providers
- Select the Identity Provider that you had created previously
You should have a domain named <myDomainName>.com. This should have a verification code like the following:
flexera-domain-verification-mmvzopvqnoixmkbj
- Create a DNS TXT Record (insert example)
- The TXT Record needs to be public
NOTE: If the TXT Record is not visible, you cannot verify the domain.
Want to know more about Verifying a Domain? Please visit Verifying a Domain with a TXT Record.