SNOWFLAKE - AZURE ACTIVE DIRECTORY Integration

Question

I'm trying to integrate Azure Active Directory with Snowflake. I've set everything up as instructed in this document : https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/snowflake-tutorial

After having logged into my Azure account, when I click on the button "Login with AzureAD", I have this error : Error 400 Bad Request. Our apologies for the inconvenience. The requested you made couldn't be completed

I need help to know why this error and how to login Snowflake using AzureAD!

Answer 1

I appreciate this is old, but for anyone coming here looking for an answer, there were a couple of issues I had and this may help others.

Firstly, when I created the security integration in snowflake, when I specified the saml2_x509_cert value I had included line breaks (as they appear in the cer file provided from Azure) and snowflake expects this to be a single line. Remove all line breaks and also exclude the "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" text.

Secondly, after the Azure AD config was complete I was passed the info but things weren't labelled quite the same as what was in the Azure documentation and I had put the wrong value in for the saml2_issuer option for the security integration. I guess the advice here is just double check the values you have in here.

The saml2_issuer value should begin "https://sts.windows.net"

The saml2_sso_url value should begin "https://login.microsoftonline.com"