Hello Databricks
I wanted to ask a couple questions regarding switching SSO from onelogin to OKTA and turning on user provisioning. We have a total of 4 workspaces ( 1 sandbox , 2 dev and 1 prod) within our account. We have unified login enabled for only 3 of the workspaces but reading the provisioning documentation it says "If you delete a user from the account-level Databricks application in Okta, the user is deleted in the Databricks account and loses access to all workspaces, whether or not those workspaces are enabled for identity federation.โ and โBy default, Databricks users inherit the workspace-access and databricks-sql-access entitlements. By default, Databricks admin users inherit the create-cluster entitlement. You donโt need to assign these inherited entitlements from Okta.โ Which would means that they get deprovisioned from all workspaces and added to all workspaces regardless. If we do not want to provision access prod at all, should we avoid enabling provisioning ?
