snowflakedb / snowflake-connector-python

Snowflake Connector for Python
https://pypi.python.org/pypi/snowflake-connector-python/
Apache License 2.0
601 stars 473 forks source link

SNOW-1774080: Snowflake connector Oauth token refresh (Okta) #2095

Open shokhan-nulogy opened 3 weeks ago

shokhan-nulogy commented 3 weeks ago

What is the current behavior?

Currently, when using Okta to create a Oauth access token to connect to snowflake connector, it will eventually timeout when the access token expires, it then gives an error status.

What is the desired behavior?

Allow for renewal of connection through requesting new access token using refresh token.

How would this improve snowflake-connector-python?

This would allow the expiration and renewal logic to be handled by the snowflake connector rather than having to implement it on our own.

References and other background

No response

sfc-gh-sghosh commented 2 weeks ago

Hello @shokhan-nulogy ,

Thanks for raising the issue. At present, the Snowflake connector does not have a provision for renewing a connection by requesting a new access token using a refresh token. This is due to a security concern.

So, you can handle the OAuth token refresh process outside the Snowflake connector, then re-establish the connection with the new access token.

Regards, Sujan