If a user encounters a 404 Not Found status or a System Error message, check the URL of the request.

Examples

404 Not Found
https://sso.idp.local/idp/startSSO.ping&PartnerSpId=sp1&TargetResource=https%3A%2F%2Fapp.sp1.local%2F causes a 404 Not Found error, because the separator between the path of the URL and the first query parameter is incorrect. The correct separator is a question mark (?) and not an ampersand (&).
System Error
https://sso.idp.local/idp/startSSO.ping?PartnerSpId=sp1?TargetResource=https%3A%2F%2Fapp.sp1.local%2F causes a System Error message, because the second query parameter separators are incorrect. The correct separator is an ampersand (&) and not a question mark (?).
Tip:

You must also use ampersands for all subsequent separators between additional query parameters in the URL.

In addition, you must URL-encode query parameter values that contain restricted characters. For information about URL encoding, see, for example, HTML URL-encoding Reference (www.w3schools.com/tags/ref_urlencode.asp).

The remedy for both sample issues is to update the URL of the IdP-initiated SSO to:

https://sso.idp.local/idp/startSSO.ping?PartnerSpId=sp1&TargetResource=https%3A%2F%2Fapp.sp1.local%2F