You need the following information before you begin. See "Creating an OAuth security integration and obtaining client information" for details.

  • Authorization URI: The endpoint for obtaining an authorization code from a third-party authorization service
  • Token URI: The endpoint used to exchange authentication credentials for access tokens
  • Redirect URI: The endpoint that the client is returned to after authenticating with the service
  • Client ID: The client ID for your application
  • Client Secret: The client secret for your application

The following steps describe how you can use the Progress DataDirect Snowflake Configuration Manager to obtain access and refresh tokens. In addition, the Configuration Manager produces a connection URL that you can use in your application.

Note: You must allow popups in your browser to obtain access and refresh tokens with the Configuration Manager.
  1. Open the Snowflake Configuration Manager by double-clicking the driver jar file. Or, in a command line, navigate to the directory containing your driver jar file; then, execute the following command: 
    java -jar snowflake.jar

    The Snowflake Configuration Manager opens in your default web browser.

  2. Provide the following information in the fields provided. These values are required in the connection string. Without them, even basic SQL queries cannot be run.
    • Account Name
    • Database Name
    • Schema
    • Warehouse
  3. Set Authentication Method to OAuth2.
  4. Provide the following information in the fields provided.
    • Authorization URI
    • Token URI
    • Redirect URI
    • Client ID
    • Client Secret
  5. Obtain access and refresh tokens.
    1. Click Fetch OAuth Token.
    2. If the logon popup appears, enter your credentials. (This popup may not appear if you previously logged on.)
    3. If consent popup appears, provide consent, allowing the Configuration Manager to retrieve the tokens. (This popup may not appear if you previously provided consent to the Configuration Manager.)
    4. The Access Token and Refresh Token fields populate with values retrieved from the OAuth authorization server.
  6. Click Test Connect to verify connectivity and run SQL queries against the service.

Results

The Access Token and Refresh Token fields include access and refresh tokens that you can use to implement OAuth 2.0.

The connection string in the Connection String field may be copied and used in your JDBC application to connect with your service.

Note:

Not all the values in the resulting connection string are required. However, the connection string can be copied directly into your JDBC application. The driver ignores any values that do not apply to your OAuth implementation.

For example, the refresh token grant connection string, derived from the Configuration Manager, might include the following properties.

jdbc:datadirect:snowflake:AuthenticationMethod=OAuth2;
AuthURI=auth_uri;TokenURI=token_uri;RedirectURI=redirect_uri
ClientID=client_id;ClientSecret=client_secret;
OAuthCode=oauth_code;AcessToken=access_token;RefreshToken=refresh_token;
AccountName=account_name;DatabaseName=database_name;Schema=schema_name;
Warehouse=warehouse_name;

However, only the following properties are required for a refresh token grant connection string.

jdbc:datadirect:snowflake:AuthenticationMethod=OAuth2;
TokenURI=token_uri;RedirectURI=redirect_uri;ClientID=client_id;
ClientSecret=client_secret;RefreshToken=refresh_token;
AccountName=account_name;DatabaseName=database_name;
Schema=schema_name;Warehouse=warehouse_name;

What's next

You may now configure the driver to use either the access token flow or the refresh token grant. See the following topics for details.