Note: For OAuth 2.0 authentication, using a refresh token is more user-friendly and secure than using an access token. The access token expires every 10 minutes and may need to be generated multiple times a day, which can prolong the process of establishing a connection and cause a security risk.

The access token authentication flow passes the token directly from the client to the Snowflake instance for authentication. The token is obtained from sources external to the flow and specified using the AccessToken property.

To configure the driver to use the access token flow for OAuth 2.0 authentication:

  • Set the AuthenticationMethod property to OAuth2.
  • Set the AccountName property to specify the full name of your account and the region where it is hosted. For example, account_name.us-east-1.
  • Set the DatabaseName property to specify the name of the database to which you are connecting.
  • Set the Schema property to specify the default schema to use for the specified database once connected. The specified schema should be an existing schema for which the specified default role has privileges.
  • Set the Warehouse property to specify the virtual warehouse to use once connected. The specified warehouse should be an existing warehouse for which the specified default role has privileges.
  • Set the AccessToken property to the value of the token obtained from external sources.

    Important:

    • The access token is a confidential value used to authenticate to the server. To prevent unauthorized access, this value must be securely maintained.
    • Access tokens expire ten minutes after generation. Once connected, the access token remains valid till the session is disconnected.

The following examples show the connection information required to establish a session using the access token flow.

Connection URL

Connection conn = DriverManager.getConnection
  ("jdbc:datadirect:snowflake:AuthenticationMethod=OAuth2;
    AccountName=account_name.us-east-1;DatabaseName=payroll;Schema=xyz;
    Warehouse=accounting;AccessToken=abc12cd34efg5678h9ij87klm6543no;");

Data Source

SnowflakeDataSource mds = new SnowflakeDataSource();
mds.setDescription("My Snowflake Data Source");
mds.setAuthenticationMethod("OAuth2");
mds.setAccountName("account_name.us-east-1");
mds.setDatabaseName("payroll");
mds.setSchema("xyz");
mds.setWarehouse("accounting");
mds.setAccessToken("abc12cd34efg5678h9ij87klm6543no32pqr10");