-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support Snowflake oauth authentication #2050
Comments
add oauth authentication to snowflake adapter (#2050)
Do you know if this will allow for authentication using Azure Active Directory? I use SSO with Azure AD, which I believe will require federated authentication / browser-based SSO. |
Hey @benjaminsingleton - dbt Core does not currently know how to get access tokens from Snowflake via an SSO provider. Our current thinking is that the deployment code which wraps dbt Core (eg. dbt Cloud, or similar) can implement the OAuth flow for Snowflake and pass the resulting access token into the profile before invoking dbt. |
@benjaminsingleton I'm sure you figured this out by now... but for posterity: this will allow authentication (well, authorization) via Azure AD. Once you configure Azure AD app registrations for an appropriate OAuth flow, you can use a client library (or craft your own requests) to get an OAuth token. Pass that token into your dbt configuration and you should be off to the races. As Drew said... you'll need to do this from your deployment code that is running dbt. |
Describe the feature
Support oauth authentication for Snowflake targets.
dbt's Snowflake plugin already supports the specification of an
authenticator
config. If theauthenticator
is configured asoauth
, then dbt should also pass along a target config namedtoken
to the Snowflake connection constructor.Note that a
password
is not required when using theoauth
authenticator.Example config:
Who will this benefit?
Snowflake users that connect to the database using SAML providers.
The text was updated successfully, but these errors were encountered: