“400: Bad Request Error Code: GENERAL_NONSUCCESS” Received when Attempting Login with SAML IDP
Single Sign-On
Okta Classic Engine
Okta Identity Engine
Overview

When attempting to log in using an external SAML IdP, login fails, and the end user is presented with the error:

 

 400: Bad Request Error Code: GENERAL_NONSUCCESS

 


Applies To
  • Secure Assertion Markup Language (SAML)

  • SAML Identity Provider (IdP)
Cause

This can be caused by an incorrect "IdP Issuer URI" value in the SAML IdP configuration in Okta.

Solution
  1. Locate the login failure in the system log. If the event shows "Authenticate user via IDP FAILURE: Unable to validate incoming SAML Assertion", expand the event.


  2. Check this section of the event: System > Debug Context > DebugData > ErrorMessage.
    The error message may show the following:

 

The Issuer in the SAML response did not match the Issuer configured for the Identity Provider.

 


  3. If the error message above is seen, check the IdP configuration in Okta (Okta Admin Dashboard > Security > Identity Providers > Actions > Configure Identity Provider) to confirm that the “IdP Issuer URI” value matches the “Issuer” value in the SAML Response.
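
The comparison in the last step can be done offline on a captured SAMLResponse form value. The following is an added example, not Okta's code: it assumes the HTTP-POST binding (base64-encoded XML) and an exact string comparison of the Issuer, and its function names and sample response are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

def extract_issuers(saml_response_b64):
    """Return {location: Issuer text} for the Response and Assertion levels.
    Diagnostic only: no signature check; use on responses from your own IdP."""
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    found = {}
    for label, path in (("Response", "saml:Issuer"),
                        ("Assertion", "saml:Assertion/saml:Issuer")):
        node = root.find(path, NS)
        if node is not None:
            found[label] = node.text or ""
    return found

def diagnose(configured, received):
    """Classify how a received Issuer differs from the configured IdP Issuer URI."""
    if configured == received:
        return "match"
    if configured.strip() == received.strip():
        return "leading/trailing whitespace"
    if configured.rstrip("/") == received.rstrip("/"):
        return "trailing slash"
    if configured.lower() == received.lower():
        return "letter case"
    return "different value"

def check_issuer(configured, saml_response_b64):
    """Compare the configured value against every Issuer found in the response."""
    return {loc: diagnose(configured, iss)
            for loc, iss in extract_issuers(saml_response_b64).items()}

# Constructed sample response (not from a real IdP); the issuer is a placeholder.
SAMPLE_XML = (
    '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
    '<saml:Issuer>https://idp.example.com/saml/</saml:Issuer>'
    '<saml:Assertion><saml:Issuer>https://idp.example.com/saml/</saml:Issuer>'
    '</saml:Assertion></samlp:Response>'
)
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode()).decode()

if __name__ == "__main__":
    for loc, result in check_issuer("https://idp.example.com/saml", SAMPLE_B64).items():
        print(f"{loc} Issuer: {result}")
```

Anything other than "match" points at the character-level difference to correct in the “IdP Issuer URI” field.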
