OIDC Single Sign-On authentication error during login

Ensure the client secret is valid and troubleshoot using a HAR file to identify the root cause.

Written by guruprasad.bn

Last published at: March 12th, 2025

Problem

When you attempt to log in via Single Sign-On (SSO) on Databricks, you encounter the following error on the login page. 

OIDC Single Sign-on Authentication Error.

Cause

The identity provider (IdP) is returning a non-200 HTTP response during the OIDC authentication process.

Solution

  1. Generate a HAR file. Follow the steps in the Generate Browser HAR Files KB article.
  2. Examine the HAR file.
    • Search for requests to the following URL.
      https://accounts.cloud.databricks.com/oidc/consume
    • Look for the corresponding response, which typically includes a redirect to either a successful login or an error message, such as:
      https://accounts.cloud.databricks.com/login?error=<ERROR_CODE>
  3. Check the error details for an oidc_code_exchange_failure message.
  4. If the message is present, update or reissue your client secret.

If you do not see the oidc_code_exchange_failure message, the SSO error is related to something else. Contact Databricks Support for assistance in further diagnosing the error.
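
Steps 2 and 3 can be scripted. The following is an added example, not Databricks code: it scans a HAR capture for requests to the consume URL and reports the response status, the redirect target and whether oidc_code_exchange_failure is present. The function names and the sample capture are constructed for illustration, and it assumes the message appears in the redirect URL or the response body.

```python
import base64
import json
import sys
from urllib.parse import parse_qs, urlsplit

CONSUME_URL = "https://accounts.cloud.databricks.com/oidc/consume"  # from the article
MARKER = "oidc_code_exchange_failure"                               # from the article

def _body_text(content: dict) -> str:
    """Response body as text; HAR marks encoded bodies with encoding=base64."""
    text = content.get("text") or ""
    if content.get("encoding") == "base64":
        text = base64.b64decode(text).decode("utf-8", errors="replace")
    return text

def find_oidc_failures(har: dict) -> list:
    """One finding per request to the consume endpoint, without query values."""
    findings = []
    for entry in har.get("log", {}).get("entries", []):
        req, resp = entry.get("request", {}), entry.get("response", {})
        u = urlsplit(req.get("url", ""))
        if f"{u.scheme}://{u.netloc}{u.path}" != CONSUME_URL:
            continue
        # HAR 1.2 stores the redirect target in redirectURL; fall back to Location.
        redirect = resp.get("redirectURL") or next(
            (h.get("value", "") for h in resp.get("headers", [])
             if h.get("name", "").lower() == "location"), "")
        body = _body_text(resp.get("content", {}))
        findings.append({
            "status": resp.get("status"),
            "redirect_path": urlsplit(redirect).path,
            "error": parse_qs(urlsplit(redirect).query).get("error", [None])[0],
            # Assumption: the marker shows up in the redirect URL or the body.
            "code_exchange_failure": MARKER in redirect or MARKER in body,
        })
    return findings

# Constructed sample capture (not real traffic); code/state values are dummies.
SAMPLE_HAR = {"log": {"entries": [
    {"request": {"url": "https://accounts.cloud.databricks.com/login"},
     "response": {"status": 200, "redirectURL": "", "headers": [], "content": {}}},
    {"request": {"url": CONSUME_URL + "?code=DUMMY&state=DUMMY"},
     "response": {"status": 302, "redirectURL": "", "content": {},
                  "headers": [{"name": "Location", "value":
                      "https://accounts.cloud.databricks.com/login?error=" + MARKER}]}},
]}}

if __name__ == "__main__":
    har = json.load(open(sys.argv[1], encoding="utf-8-sig")) if len(sys.argv) > 1 else SAMPLE_HAR
    for finding in find_oidc_failures(har):
        print(finding)
```

A HAR capture holds session cookies and the authorization code in plain form, so the script prints only the status, redirect path and error value rather than full URLs.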