SCIM Google Workspace Snowflake

Question

Is someone already configure Google Workspace working with Snowflake and has user automatically created (as Okta can purpose)

Thanks for the help

Direct SCIM integration from GSuite for automatic sycn of users and groups(roles) to Snowflake akin to Okta is not possible since GSuite doesn't support the SCIM end-points provided by SF. One of the ways would be to have an intermediate IdP provider to do the SCIM provisioning to SF which can then be leveraged buy GSuite for SSO operations. — Srinath Menon, Jan 07 '22 at 02:56
As a related not: full SCIM seems to be not supported, but authentication is https://blog.mechanicalrock.io/2021/07/05/snowflake-saml-auth-with-G-suite.html — Felipe Hoffa, Aug 24 '22 at 20:52

score 0 · Answer 1 · answered Jan 10 '22 at 05:13

0

If GSuite support SCIM, Then One thing that you may try is Custom SCIM integration as suggested here- https://docs.snowflake.com/en/user-guide/scim-custom.html Currently, Custom SCIM integrations are supported for identity providers that are neither Okta nor Microsoft Azure AD. Although I've not tested this with Gsuite, you may give it a try provided Gsuite has support for SCIM.

answered Jan 10 '22 at 05:13

Md Aurangzeb

51
1

The problem here is that GSuite SCIM end-points are not compatible with the end-points exposed by Snowflake, that's where this would be incompatible even with customer implementation. – Srinath Menon Jan 10 '22 at 06:12

score 0 · Answer 2 · answered Jul 22 '22 at 16:29

Google Workspace supports SCIM autoprovisioning on SAML apps that are already part of their Pre-integrated SAML apps catalog, although this is not explicitly mentioned in their documentation, Automated user provisioning is available only for Supported apps:

See About automated user provisioning

Snowflake would need to work with Google Workspace to see if their solution could be added to the catalog.

SCIM Google Workspace Snowflake

2 Answers2