I have gone ahead and removed the user from the Entra enterprise applications, removed the user from the workspace, and replaced all the ownership of that user with a service principal & service user.
I re-added the user to the correct enterprise application and re-enabled the user for the workspace within the Databricks admin console and gave the user account admin privileges to the workspace.
I told the user to attempt to sign in using SSO to the workspace and this is the error now.
Quick FYI. This Databricks account and workspaces were set up before SSO was seamlessly enabled for subsequent workspaces when enabled on the admin console. The SSO setup in Entra looks like 3 Applications, each with their own SSO configuration.
1 Enterprise SSO App in Entra for the Databricks admin console
1 Enterprise SSO App in Entra for the Databricks development workspace
1 Enterprise SSO App in Entra for the Databricks production workspace
This user has the correct permissions (GA) in Entra and is assigned to the enterprise applications for all 3 applications. Yet we are still facing SSO sign-in issues.
Another FYI, this user we are trying to remediate is the email used to sign up for the Databricks admin console.