Key-pair authentication
- Last Updated: May 7, 2025
- 2 minute read
- DataDirect Connectors
- ODBC
- Snowflake 8.0
- Documentation
The driver supports key-pair authentication. Key-pair authentication allows you to
authenticate to Snowflake using a pair of private and public keys.
Note: The keys used for authentication must be RSA keys that are at least 2048 bits
long.
To configure the driver to use browser-based SSO authentication:
- Configure the minimum options required for a connection:
- Set the Account Name (
AccountName) to specify the name of your account and the region where it is hosted. For example, my_account.us-east-1. - Set the Database Name (
DatabaseName) option to specify the name of database to which you want to connect. - Set the Warehouse (
Warehouse) option to specify the name of the virtual warehouse to use, or an empty string. - Optionally, set the Schema (Schema) option to specify the schema to use for the specified database.
- Set the Account Name (
- Set the Authentication Method (AuthenticationMethod) option to
21. - Set the User Name (User) option to specify your logon ID.
- Configure one of the following connection options to specify the private
key:
- Set the Private Key File (
PrivateKeyFile) option to specify the absolute path to the private key file you want to use for authentication. - Set the Private Key Content (
PrivateKeyContent) option to specify the content of the private key you want to use for authentication.
- Set the Private Key File (
- If you are using an encrypted private key or private key content, set the Private Key
Passphrase (
PrivateKeyPassphrase) option to specify the password for decrypting the private key or private key content you are using. - Optionally, specify values for any additional options you want to configure. See "Connection option descriptions" for a complete list of options.
Note: If the encryption schema you are using to generate the encrypted
private keys is not compatible with the native encryption libraries of your JRE, the JRE
will return an error. To resolve this issue, either generate encrypted private keys using an
encryption schema that is compatible with your JRE or add a third-party Java cryptography
library to your application (for example, Bouncy Castle) that supports the encryption schema
you are using. For example, to add Bouncy Castle to your application, add the following line
to the
java.security file:
security.provider.n=org.bouncycastle.jce.provider.BouncyCastleProvider,
and then add the Bouncy Castle jars to the classpath of your JRE.The following examples demonstrate the connection information required to establish a session using key-pair authentication.
Connection string
DRIVER=DataDirect 8.0 Snowflake;AccountName=MyAccountName.us-east-1;
AuthenticationMethod=21;DatabaseName=MyDB;Schema=MySchema;Warehouse=MyWH;
User=JohnQPublic;PrivateKeyFile=C:\Program Files\privatekey.p8;
PrivateKeyPassphrase=abc123;odbc.ini file (32-bit driver)
Driver=ODBCHOME/lib/ivsnowflake28.so
Description=My Snowflake Data Source
...
AccountName=MyAccountName.us-east-1
...
AuthenticationMethod=21
...
User=JohnQPublic
...
DatabaseName=MyDB
...
PrivateKeyFile=C:\Program Files\privatekey.p8
...
PrivateKeyPassphrase=abc123
...
Schema=MySchema
...
Warehouse=MyWH
...