Snowflake Single Sign-On Using Azure AD

Boopathitraj dhanaraj
Published in BI3 Technologies · 4 min read · Oct 29, 2021

In this blog, you’ll learn how to integrate Snowflake with Azure Active Directory (Azure AD). When you integrate Snowflake with Azure AD, you can:

  • Control in Azure AD who has access to Snowflake.
  • Enable your users to be automatically signed in to Snowflake with their Azure AD accounts.
  • Manage your accounts in one central location — the Azure portal.

Prerequisites

To configure Azure AD integration with Snowflake, you need the following items:

  • An Azure AD subscription.
  • A Snowflake subscription with single sign-on enabled.

Register an Application in the Azure Portal

1. Go to Azure Portal > Enterprise applications.

Enterprise Application Creation Page

2. After landing on the overview page, click New application, which will redirect you to a new page where you can click Non-Gallery Application.

Create a Non-gallery Application

3. You will be prompted to give your application a name. Once you’ve decided on a name, click the Add button on the same page.
I’ll call my application ‘Snowflake Single Sign-On’ in this example.

4. Once the application is created, its overview page looks like this:

Application Overview

5. Click the Single Sign-On button.

Single Sign-On Configuration

6. Now choose ‘SAML’. The page looks like this:

SAML Configuration

7. Click the Edit button on BASIC SAML CONFIGURATION and fill in the appropriate fields as shown in the figure below.

Example Configuration

8. In the remaining part, there is no need to make any changes. Simply leave it as is, and then click the Test button once you’ve finished configuring everything.

9. Log in to Snowflake using admin credentials.

10. To create a new user in Snowflake, use the queries below.

Note: Make sure the user has access to the Azure portal.

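-- LOGIN_NAME is the value Snowflake matches against the NameID that Azure AD sends in the SAML assertion.
CREATE OR REPLACE USER BOOPATHIRAJ_DHANARAJ
LOGIN_NAME = 'boopathiraj.dhanaraj@bi3technologies.com'
DISPLAY_NAME = 'BOOPATHIRAJ DHANARAJ'
MUST_CHANGE_PASSWORD = FALSE;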
Create User Example

11. You can now sign out of the Admin user and sign in with Azure AD.

Snowflake Sign-on Page

You’ve now been walked through creating a custom SAML connection with Azure AD.
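When the Test in step 8 or the sign-in in step 11 fails, a common cause is a mismatch between the SAML response Azure AD sends and the values configured on each side. The following is an added example, not code from the original post: it checks a decoded SAML response against the Identifier and Reply URL from step 7 and the LOGIN_NAME values from step 10. The account URL, the `/fed/login` path and the user name are constructed placeholders, and the helper name `check_response` is hypothetical.

```python
import xml.etree.ElementTree as ET

NS = {"a": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed placeholder values, not taken from the article.
IDENTIFIER = "https://example-account.snowflakecomputing.com"  # Identifier (Entity ID)
REPLY_URL = IDENTIFIER + "/fed/login"                          # Reply URL (assumed path)
LOGIN_NAMES = {"first.last@example.com"}                       # LOGIN_NAME values from step 10

# Constructed, unsigned SAML response reduced to the fields checked here.
SAMPLE = f"""<p:Response xmlns:p="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:a="urn:oasis:names:tc:SAML:2.0:assertion" Destination="{REPLY_URL}">
  <a:Assertion>
    <a:Subject><a:NameID>First.Last@example.com</a:NameID></a:Subject>
    <a:Conditions><a:AudienceRestriction>
      <a:Audience>{IDENTIFIER}</a:Audience>
    </a:AudienceRestriction></a:Conditions>
  </a:Assertion>
</p:Response>"""


def check_response(xml_text, identifier, reply_url, login_names):
    """Return a list of mismatches; an empty list means the fields line up.

    Troubleshooting aid only: it does not verify the XML signature.
    """
    root = ET.fromstring(xml_text)
    problems = []
    destination = root.get("Destination", "")
    if destination != reply_url:
        problems.append(f"Destination {destination!r} != Reply URL {reply_url!r}")
    audience = root.findtext(".//a:Audience", default="", namespaces=NS)
    if audience != identifier:
        problems.append(f"Audience {audience!r} != Identifier {identifier!r}")
    name_id = root.findtext(".//a:Subject/a:NameID", default="", namespaces=NS)
    # Snowflake login names are case-insensitive, so compare case-folded.
    if name_id.casefold() not in {n.casefold() for n in login_names}:
        problems.append(f"NameID {name_id!r} has no matching LOGIN_NAME")
    return problems


if __name__ == "__main__":
    for line in check_response(SAMPLE, IDENTIFIER, REPLY_URL, LOGIN_NAMES) or ["OK"]:
        print(line)
```

Run it only on responses captured from your own test sign-in, and treat any response as sensitive because it identifies the user.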

Conclusion

There are a number of different ways to integrate your existing authentication strategies with Snowflake. The strategy your enterprise should choose largely depends on what your existing workflows are and what tooling you have available.

We recommend using OAuth 2.0 with OIDC if you have both options available. SAML is easier to set up and gives more flexibility.

When it comes to user management, you will need to set up SCIM for an automated workflow.

If SCIM isn’t available, you can use a free solution like Tram to help consolidate, govern, and audit the changes to your Snowflake environment in a consistent manner.
