Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support Identity Provider (IdP) Authentication #115

Closed
idoki-boxycharm opened this issue Sep 10, 2019 · 5 comments
Closed

Support Identity Provider (IdP) Authentication #115

idoki-boxycharm opened this issue Sep 10, 2019 · 5 comments
Labels
question Issue is a usage/other question rather than a bug

Comments

@idoki-boxycharm
Copy link

Library does not support SSO (single sign on) authentication from IdP such as Okta. This authentication method becomes widespread in organizations, supporting it would make the library usable for this use-case.

The SnowFlake python connector supports it out-of-the-box and can be relied on.
@smtakeda
Copy link
Contributor

authenticator parameter can be specified in connect_args parameter in create_engine method.

engine = create_engine(URL(
    account='ACCOUNT',
    user='OKTA_USER',
    password='OKTA_PASSWORD',
    ),
    connect_args={
        'authenticator': 'https://something.okta.com/',
        },
    )
connection = engine.connect()

@smtakeda smtakeda added the question Issue is a usage/other question rather than a bug label Sep 11, 2019
@Jorne0
Copy link

Jorne0 commented Dec 11, 2020

Perhaps i just don't understand, but I don't think this is solved. My organization doesn't allow user passwords on snowflake accounts. The snowsql external browser authentication works fine but in the above approach for sqlalchemy I still need to provide a password and when I provide my okta password i get a database error saying my password is incorrect (making me think it's sending that password to snowflake rather than okta). How do I connect to snowflake with sqlalchemy using okta without a password (like snowsql)?
Thank you, ~Jorne0

@MichaelFishmanOD
Copy link

MichaelFishmanOD commented Jan 21, 2021
edited
Loading

@Jorne0
My organization uses SAML with externalbrowser authentication and no password. The following works for me:

engine = create_engine(URL(
    account='ACCOUNT',
    user='EMAIL',
    ),
    connect_args={
        'authenticator': 'externalbrowser',
        },
    )

@bryanpost
Copy link

@MichaelFishmanOD I get
sqlalchemy.exc.ProgrammingError: (snowflake.connector.errors.ProgrammingError) 251006: Password is empty

when using your example...

@adreo00
Copy link

adreo00 commented Oct 23, 2023
edited
Loading

@bryanpost I'm also getting the above Password is emptyerror. Did you ever figure out a workaround?

Edit: I think I have this working now.

For future readers: My issue was comma placement. Make sure to close the URL function before specifying the connect_args.

i.e.

engine = create_engine(
    URL(<URL_ARGS>),
    connect_args={
        "private_key": pkb,
        },
    )

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Issue is a usage/other question rather than a bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@smtakeda @bryanpost @adreo00 @Jorne0 @idoki-boxycharm @MichaelFishmanOD