Dataiku - Snowflake Entra ID authentication: The application asked for scope that doesn't exist on the resource
I am configuring OAUTH to authorize Dataiku developers in Snowflake using external OAUTH on Entra ID.
In the Dataiku documentation i have information:
Fill the scope with the operations and roles permitted for the access token (This depends on your OAuth Server so check the official doc). Or if you do not want to manage Snowflake roles in your OAuth2 server, pass the static value of SESSION:ROLE-ANY
in the scope.
Also in snowflake documentation mentioned that SESSION:ROLE-ANY
is applicable.
When I've configured server APP in Entra Id and added scope to API exposure.
Then I granted permissions to it in the client app.
But now when I try to authorize in Snowflake through Dataiku, i receive an error:
The application 'snowflake oauth client for DSS users (for person user)' asked for scope 'session:role-any' that doesn't exist on the resource '00000003-0000-0000-c000-000000000000'.
What can be the reason? Or where i can check what it can be?