Reputation: 369
Snowflake SCIM error "Invalid group membership value specified"
We were trying to sync an active directory group to snowflake via the Okta SCIM integration and got the following error, wondering what causes it?
{"statusType":"BAD_REQUEST","entity":{"schemas":["urn:ietf:params:scim:api:messages:2.0:Error"],"detail":"Invalid group membership value specified 45_1","status":400,"schemaTypeError":"invalidValue"},"entityType":"com.snowflake.security.scim.ScimErrorInfo","metadata":{"Content-Type":[{"type":"application","subtype":"json","parameters":{},"wildcardType":false,"wildcardSubtype":false}]},"status":400}
Upvotes: 0
Views: 310
Answers (2)
Reputation: 16
This error is normally seen when the user looses the external SCIM ID. It is normally the case when the user which is provisioned from the SCIM is manually removed from Snowflake.
The communication for the SCIM is one way i.e from the SCIM provider to snowflake. Hence when the user is removed from snowflake the SCIM provider is not aware and still try to update the user.
In order to recover from the issue you will have to reprovision the user.
Upvotes: 0
Reputation: 369
Found solution for it. The user 45_1 was deleted on the snowflake side, we had to remove and re-add them from Okta app assignment, afterwards it synced fine to Snowflake and re-created the user.
Upvotes: 0
Related Questions
- Failure using stage area. Cause: [Access Denied (Status Code: 403; Error Code: AccessDenied)]
- Snowflake Numeric value '' is not recognized
- Snowflake Unsupported Grant Type
- schema does not exist and not authorized
- GET SCIM GROUPS only returns synthetic_group in snowflake
- Snowflake SCIM access token notfication
- Snowflake SCIM - AzureAD groups to link with local groups
- Role creation issue
- Why do i get this error when i connect snowflake and python
- How to resolve Unexpected 'select' error in Snowflake