There can be multiple reasons to receive Error 400 after enabling SSO. The most common reason for this error is that the domain for your identity provider has not been verified. Below are the steps to resolve this error:
Important: To perform the following steps, you will need DNS Setting Permissions to make the following changes. If you do not currently have permission to make these changes, please send these instructions to your IT/Admin Team for further review.
- Navigate to Administration
![Admin.PNG Admin.PNG](https://community.flexera.com/t5/image/serverpage/image-id/7168i83D179F21B2CDBFA/image-size/large?v=v2&px=999)
- Select Identity Providers
![Identity Provider.PNG Identity Provider.PNG](https://community.flexera.com/t5/image/serverpage/image-id/7169i985B7BC33D45BD2E/image-size/large?v=v2&px=999)
- Select the Identity Provider that you had created previously
![Provider.PNG Provider.PNG](https://community.flexera.com/t5/image/serverpage/image-id/7170i60EB044375B28A39/image-size/large?v=v2&px=999)
![List.PNG List.PNG](https://community.flexera.com/t5/image/serverpage/image-id/7171iAAC06C0E6ABF27B6/image-size/large?v=v2&px=999)
You should have a domain named <myDomainName>.com. This should have a verification code like the following:
flexera-domain-verification-mmvzopvqnoixmkbj
- Create a DNS TXT Record (insert example)
- The TXT Record needs to be public
![List1.png List1.png](https://community.flexera.com/t5/image/serverpage/image-id/7172iBA07ABD5B5C692D6/image-size/large?v=v2&px=999)
NOTE: If the TXT Record is not visible, you cannot verify the domain.
![Actions.png Actions.png](https://community.flexera.com/t5/image/serverpage/image-id/7173i71B50078D4F9098F/image-size/large?v=v2&px=999)
![Verify.PNG Verify.PNG](https://community.flexera.com/t5/image/serverpage/image-id/7176i1E3FD90A20CC7375/image-size/large?v=v2&px=999)
Want to know more about Verifying a Domain? Please visit Verifying a Domain with a TXT Record.