Closed kcd83 closed 4 weeks ago
My initial suggestion would be to document this limitation if it turns out that system$allowlist()
is the cause and the terraform provider should not be responsible for formatting the default urls
Thanks
Hey @kcd83 👋 We're currently working on improving all security integrations. We'll take a look at this issue when working on SAML integration. cc: @sfc-gh-jmichalak.
Hi @kcd83 👋 This is expected, as stated in docs. We can add this limitation to provider docs. cc @sfc-gh-asawicki
@kcd83, we've added this limitation to docs and linked to a Snowflake doc about Okta URLs in v0.94.
Closing as completed.
Terraform CLI Version
1.7.0
Terraform Provider Version
0.90
Terraform Configuration
Category
category:resource
Object type(s)
No response
Expected Behavior
SSO sign in works and redirects as expect regardless of where the login flow starts. For this we need no
_
in urls as follows:Actual Behavior
Refreshing from Snowsight or DBT Cloud fails. The redirect stops throwing an Javascript error visible in the developer console. (Note starting from Okta always works)
The root cause of this is
_
in the url as followsSteps to Reproduce
snowflake_saml_integration
saml2_snowflake_acs_url
orsaml2_snowflake_issuer_url
(rely on defaults)This is more severe for DBT Cloud with fails to establish an SSO connection for a user.
How much impact is this issue causing?
Low
Logs
No response
Additional Information
Snowflake support suggested the root cause is that SNOWFLAKEDEPLOYMENT URL from the system$allowlist() output has ``
Would you like to implement a fix?