Sounds to me like whatever SSO server you are using is missing a required field, should set the SSO server to export that field, or PR Saml to not require whatever that field is. 
/me built their own SSO client since our new work SSO server gives a username… and that’s it, nothing else…
