The refresh token grant is used to request a new access token or renew an expired one by exchanging the refresh token at the endpoint specified by the TokenURI property.

To configure the driver to use the refresh token grant for OAuth 2.0 authentication:

  • Set the AuthenticationMethod property to OAuth2.
  • Set the AccountName property to specify the full name of your account and the region where it is hosted. For example, account_name.us-east-1.
  • Set the DatabaseName property to specify the name of the database to which you are connecting.
  • Set the Schema property to specify the default schema to use for the specified database once connected. The specified schema should be an existing schema for which the specified default role has privileges.
  • Set the Warehouse property to specify the virtual warehouse to use once connected. The specified warehouse should be an existing warehouse for which the specified default role has privileges.
  • Set the ClientID property to specify the client ID for your application.
  • Set the ClientSecret property to specify the client secret for your application.
    Important: The client secret is a confidential value used to authenticate the application to the server. To prevent unauthorized access, this value must be securely maintained.
  • Set the TokenURI property to specify the endpoint from which the driver fetches access tokens.
  • Set the RefreshToken property to specify the refresh token used to request a new access token or renew an expired one.
    Important: The refresh token is a confidential value used to authenticate to the server. To prevent unauthorized access, this value must be securely maintained.

The following examples show the connection information required to establish a session using the refresh token grant.

Connection URL

Connection conn = DriverManager.getConnection
("jdbc:datadirect:snowflake:AuthenticationMethod=OAuth2;
 AccountName=account_name.us-east-1;DatabaseName=payroll;Schema=xyz;
 Warehouse=accounting;ClientID=123456789;ClientSecret=FaZBFRsGXTaR;
 TokenURI=https://account_name.us-east-1.snowflakecomputing.com/oauth/token-request;
 RefreshToken=abc12cd34efg5678h9ij87klm6543no32pqr10;");

Data Source

SnowflakeDataSource mds = new SnowflakeDataSource();
mds.setDescription("My Snowflake Data Source");
mds.setAuthenticationMethod("OAuth2");
mds.setAccountName("account_name.us-east-1");
mds.setDatabaseName("payroll");
mds.setSchema("xyz");
mds.setWarehouse("accounting");
mds.setClientID("123456789");
mds.setClientSecret("FaZBFRsGXTaR");
mds.setTokenURI("https://account_name.us-east-1.snowflakecomputing.com/oauth/token-request");
mds.setRefreshToken("abc12cd34efg5678h9ij87klm6543no32pqr10");