I have set up SSO within databricks and automatic user provisioning with Azure Entra and confirmed it is working for all users. However 1 user is presented with this when signing in. The user is in the enterprise app within Azure Entra and the user is also account admin from within the databricks user management console. the user can still login using their email and password but when going through the SSO login process the user always finishes here, even after being re-directed through the entra portal.
I have gone ahead and removed the user from the Entra enterprise applications removed the user from the workspace and replaced all the ownership of that user to a service principal & service user.
I re-added the user the the correct enterprise application and the re-enabled the user for the workspace within the databricks admin console and gave the user, account admin privileges to the workspace.
I told the user to attempt to sign in using SSO to the workspace and this is the error now.
Quick FYI. This Databricks account and workspaces were setup before SSO was seamlessly enabled for subsequent workspaces when enabled on the admin console. The SSO setup in Entra looks like 3 Applications each with their own SSO configuration.
1 Enterprise SSO App in Entra for the databricks admin console
1 Enterprise SSO App in Entra for the databricks development workspace
1 Enterprise SSO App in Entra for the databricks production workspace
This user has the correct permissions (GA) in Entra and is assigned to the enterprise applications for all 3 applications. Yet we are still facing SSO sign in issues.
Another FYI, this user we are trying to remediate is the email used to sign up for databricks admin console.
