Snowflake push group fails with the following error: 

Unable to update Group Push mapping target App group <group>: Error while creating user group <group>: Unauthorized. Errors reported by remote server: Access token expired
 

• Snowflake
• Provisioning

1. The Snowflake configuration process creates a SCIM security integration to allow users and roles created in Okta to be owned by the OKTA_PROVISIONER SCIM role in Snowflake and creates an access token to use in SCIM API requests. The access token is valid for six months. Upon expiration, create a new access token manually. Refer to this Snowflake Configuration guide to generate the access token on the Snowflake side. Create and copy the authorization token to the clipboard and store it securely for later use. This authorization token will be entered in the API Token field in the Provisioning tab of the Snowflake application in Okta.

2. Go to Okta Admin Console and navigate to Applications > Applications > Snowflake > Provisioning > Integration > Edit.

3. Enter the correct API token generated in Step 1 and click Test API Credentials.

4. A message confirming successful authentication will be displayed. Click Save.

5. Then navigate to Applications > Applications > Snowflake > Push Groups and attempt the group push again.

Related References

• Snowflake: Configuration Guide