Search code examples
pythonsnowflake-cloud-data-platform

Is there a way in snowflake to use sso authentication information via browser mulitple times in a python script?


I build up a connection to snowflake from python with snowpark session library using the authenticator externalbrowser. When I run the code then the browser opens and I type in my credentials. The python code is executing and I get the data from snowflake.

But this happens everytime when I run the python code. Is there a way to store authenticator information to use them multiple times?

I use the same authentication via externalbrowser with datagrip and I can use the authentication several hours.

from snowflake.snowpark import Session

connection_parameters = {
    "account": "xyz",
    "authenticator": "externalbrowser",
    "user": "abcde",
    "role": "role_one",
    "warehouse": "tiny",
    "database": "db1234"
}

# create session
session = Session.builder.configs(connection_parameters).create()

Solution

  • Yes, you can store authentication tokens using Snowflake's private key authentication instead of external browser. Here's how:

    1. Generate a private key pair:
    openssl genrsa 2048 | openssl pkcs8 -topk8 -inform PEM -out rsa_key.p8 -nocrypt
    openssl rsa -in rsa_key.p8 -pubout -out rsa_key.pub
    
    1. Add public key to Snowflake:
    ALTER USER your_username SET RSA_PUBLIC_KEY='contents_of_rsa_key.pub';
    
    1. Update your Python code:
    from snowflake.snowpark import Session
    
    connection_parameters = {
        "account": "xyz",
        "user": "abcde",
        "private_key_path": "path/to/rsa_key.p8",
        "role": "role_one",
        "warehouse": "tiny",
        "database": "db1234"
    }
    
    session = Session.builder.configs(connection_parameters).create()
    

    This eliminates the need for browser authentication on each run.