Error "the IdP Sent us the status code ... Responder" at login

Attempts to log in with single sign-on (SSO) result in this error.

{“error”: “The IdP Sent us the status code ‘urn:oasis:names:tc:SAML:2.0:status:Responder’. The second-level status code was: ‘urn:oasis:names:tc:SAML:2.0:status:RequestDenied’. Check if ‘[unknown user]’ is allowed to use single sign on with ZIVVER in your IdP’s settings.“}

Cause

The cause is unknown.

Solution 1

Add the user to the application group. Only users from this Zivver group can authenticate through ADFS.

Solution 2

Change the privileges of the policy from intranet to public.