Hi @Lynne Caputi , yes, you can use dynamic groups in Entra ID to assign users to groups based on their properties, and then use entitlement management to assign roles to those groups.
You can create two dynamic groups in Entra ID, one for GroupA and one for GroupB, and configure the group rules to match the properties of the users you want to include in each group. Then, you can use entitlement management to assign the "Developer" role to GroupA and the "Finance" role to GroupB.
For the user attribute mapping, it depends on the specific requirements of your Snowflake SCIM provisioning configuration. If you need to map a custom attribute to a specific value based on the user's group membership, you can use an expression in the attribute mapping to achieve this but the exact expression will depend on the specific requirements of your configuration.
Please let me know if you have any questions and I can help you further.
If this answer helps you please mark "Accept Answer" so other users can reference it.
Thank you,
James