We had a few users reporting error message "Authentication failed due to problem navigating to the single sign-on URL" when using Cisco Secure Client + SAML + external browser auth.
DART logs shows that this is already a known bug: CSCwi37683
Further investigation revealed that it only affected users having installed their default browser via the MS Store.
After looking at it with ProcMon our conclusion is that this is because the filesystem path of MS Store Apps is too long for the Cisco client software to be able to handle.
For example a Google Chrome installed conventionally (76 chars):
"C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1
versus a Firefox installed via MS Store (140 chars):
C:\Program Files\WindowsApps\Mozilla.Firefox.126.0.0.0_x64__n80bbvh6b1yt2\VFS\ProgramFiles\Firefox Package Root\firefox.exe -osint -url "%1"
The limit seems to be around 128 characters.
Workaround: Install the browser the conventional way (via .exe/.msi)