Sso Error Page

About this block

Sso Error Page is the SSO failure screen, the title names the failure plainly (SSO sign-in failed), the timestamp and provider are shown immediately (Okta, Jun 13, 2026, 14:07) so the user has what they need for a support escalation. A highlighted reason box carries the exact failure: your identity provider did not return an email address, followed by the technical detail in plain words. A numbered what-to-do list names the responsible admin by name and email (Jordan Lee, jordan@acme.com) and tells the user to ask them to check the email attribute mapping in Okta. Two buttons follow: Try again with SSO and Sign in with password instead.

The error object is one const with reason, detail, admin name, admin email, timestamp, and provider. The named admin is the key detail; a generic contact your administrator leaves the user stuck with no path forward.

When to use

Reach for this block as the page returned when an SSO callback fails at the application layer. Wire the error object to your auth provider callback response, the admin fields to your workspace admin lookup, and the retry button to a fresh SSO redirect.

A natural flow around it on an Application Pro page:

Before

• Nothing, auth pages are full-page entries

After

• App shell

What you can display

One strong use is the SAML or OIDC callback error page. Other variants:

• Domain not configured. Replace the email claim error with the domain not yet set up in this workspace reason.
• Account not in directory. Show the reason as your account was not found in the {provider} directory and point to the provisioning docs.
• Session expired. A lighter variant where the SSO session timed out and a single retry is enough.

Tip: include the exact timestamp on the page so the user can paste it directly into a support request without having to find it in browser history.