How to delete an orphaned Identity Provider record from an instance showing SSO access deniedIssue Orphaned IDP records may appear after cloning an instance. This can affect SSO authentication, preventing access with the error '‘Username or password not valid’. In order to remove a sys_id-identified orphaned IDP record: Export the working IDP record as XML.Open the XML file you just exported and populate the sys_id of the IDP record that needs to be deleted inside the <sys_id></sys_id> tagInside the <saml2_update1_properties> tag, replace "INSERT_OR_UPDATE" with "DELETE".Remove all other tags keeping only the sys_id tag.The XML file should look like this: <?xml version="1.0" encoding="UTF-8"?><unload unload_date="2022-01-09 20:58:23"><saml2_update1_properties action="DELETE"><sys_id>4ae2d23adbe8230018dff46c0c961903</sys_id></saml2_update1_properties></unload> Go to the list view of the identity providers table.Right-click on the column header and choose Import XML.Upload this XML file and click on Upload.Related LinksAdministrator-assisted multi-factor authentication reset