When you have configured an identity source for social login, like Google, Facebook, or Apple, and you have Just-In-Time Provisioning turned off, when the user logs in with a correct third party account, and that account doesn't link with an existing account on the Cloud Directory, the user is redirected to the authbroker\loginerror page. We need new macros on this page to obtain the email (social user account id), and the rest of the information sent by the third party at login time. We could have @USER.EMAIL@, @USER.GIVENNAME@, @USER.FAMILYNAME@ etc. The only robust way to get this information is using the information the third party provided IBM, using the secure integration created to this end.
Do not place IBM confidential, company confidential, or personal information into any field.