An insurance company has a connected app in its Salesforce environment that is used to integrate with a Google Workspace (formerly knot as G Suite).
An identity and access management (IAM) architect has been asked to implement automation to enable users, freeze/suspend users, disable users, and reactivate existing users in Google Workspace upon similar actions in Salesforce.
Which solution is recommended to meet this requirement?

A. Configure user Provisioning for Connected Apps.

B. Update the Security Assertion Markup Language Just-in-Time (SAML JIT) handler in Salesforce for user provisioning and de-provisioning.

C. Build a custom REST endpoint in Salesforce that Google Workspace can poll against.

D. Build an Apex trigger on the userlogin object to make asynchronous callouts to Google APIs.