Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support Snowflake oauth authentication #2050

Closed
drewbanin opened this issue Jan 15, 2020 · 3 comments · Fixed by #2069
Closed

Support Snowflake oauth authentication #2050

drewbanin opened this issue Jan 15, 2020 · 3 comments · Fixed by #2069
Labels
enhancement New feature or request snowflake
Milestone
0.15.2

Comments

@drewbanin
Copy link
Contributor

drewbanin commented Jan 15, 2020
edited
Loading

Describe the feature

Support oauth authentication for Snowflake targets.

dbt's Snowflake plugin already supports the specification of an authenticator config. If the authenticator is configured as oauth, then dbt should also pass along a target config named token to the Snowflake connection constructor.

Note that a password is not required when using the oauth authenticator.

Example config:

my-snowflake-db:
  target: dev
  outputs:
    dev:
      type: snowflake
      account: wxyz526
      # other standard snowflake configs here...
      
      # Specify oauth method + token
      authenticator: oauth
      token: abc123

Who will this benefit?

Snowflake users that connect to the database using SAML providers.
@drewbanin drewbanin added enhancement New feature or request snowflake labels Jan 15, 2020
@drewbanin drewbanin added this to the Barbara Gittings milestone Jan 15, 2020
@drewbanin drewbanin changed the title Support Snowflake token auth Support Snowflake oauth authentication Jan 20, 2020
@beckjake beckjake mentioned this issue Jan 24, 2020
Merged
@drewbanin drewbanin modified the milestones: Barbara Gittings, 0.15.2 Jan 24, 2020
beckjake added a commit that referenced this issue Jan 30, 2020
@beckjake
Merge pull request #2069 from fishtown-analytics/feature/snowflake-oauth
e080bfc 
add oauth authentication to snowflake adapter (#2050)
@benjaminsingleton
Copy link

Do you know if this will allow for authentication using Azure Active Directory? I use SSO with Azure AD, which I believe will require federated authentication / browser-based SSO.

@drewbanin
Copy link
Contributor Author

Hey @benjaminsingleton - dbt Core does not currently know how to get access tokens from Snowflake via an SSO provider. Our current thinking is that the deployment code which wraps dbt Core (eg. dbt Cloud, or similar) can implement the OAuth flow for Snowflake and pass the resulting access token into the profile before invoking dbt.

@drewbanin drewbanin mentioned this issue Apr 20, 2020
Closed
@A132770
Copy link

A132770 commented Dec 22, 2020
edited
Loading

@benjaminsingleton I'm sure you figured this out by now... but for posterity: this will allow authentication (well, authorization) via Azure AD. Once you configure Azure AD app registrations for an appropriate OAuth flow, you can use a client library (or craft your own requests) to get an OAuth token. Pass that token into your dbt configuration and you should be off to the races. As Drew said... you'll need to do this from your deployment code that is running dbt.

@dbeatty10 dbeatty10 mentioned this issue Feb 17, 2023
Closed
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request snowflake
Projects
None yet
Milestone
0.15.2
Development

Successfully merging a pull request may close this issue.

add oauth authentication to snowflake adapter (#2050) dbt-labs/dbt-core
3 participants
@drewbanin @benjaminsingleton @A132770