ARA-C01 Question #72: Real Exam Question with Answer & Explanation

Question

A company wants to Integrate its main enterprise identity provider with federated authentication with Snowflake. The authentication integration has been configured and roles have been created in Snowflake. However, the users are not automatically appearing in Snowflake when created and their group membership is not reflected in their assigned rotes. How can the missing functionality be enabled with the LEAST amount of operational overhead?

Options

• AOAuth must be configured between the identity provider and Snowflake. Then the authorization
• BOAuth must be configured between the identity provider and Snowflake. Then the authorization
• CSCIM must be enabled between the identity provider and Snowflake. Once both are synchronized
• DSCIM must be enabled between the identity provider and Snowflake. Once both are synchronized

Explanation

The best way to integrate an enterprise identity provider with federated authentication and enable automatic user creation and role assignment in Snowflake is to use SCIM (System for Cross- domain Identity Management). SCIM allows Snowflake to synchronize with the identity provider and create users and groups based on the information provided by the identity provider. The groups are mapped to roles in Snowflake, and the users are assigned the roles based on their group membership. This way, the identity provider remains the source of truth for user and group management, and Snowflake automatically reflects the changes without manual intervention.

No community discussion yet for this question.