Snowflake Admin Series: Identifier-First Login
In this blog, we are going to see another improvement to our login security perimeter. If you have not read my recent blog on Snowflake Admin Series: Authentication Policies than I would recommend you to please have a look as this feature is enhancement on top of authentication policies. This feature is available to all account, regardless of which Snowflake edition you are using.
What is Snowflake Identify login First feature? And how does it work ?
Snowflake is trying to improve the security feature by further restricting the user to see only valid login option based on your authentication policy.
Say example if I had restricted certain service account to connect using snowsql only then. When the user tries to connect using Snowflake Web UI, he will get the red flag as Snowflake will ask him to provide the username/email ID address from which he wants to log in. Based on his username/email ID, Snowflake will display only valid login option. If he is not allowed to log in using Web UI, he will get an error message like below:
The only caveat, I see, is if the user is unaware of the policy, he will not able to understand what is a valid login type set for him with the current error message.
He will have to see the current authentication policy to understand the context. If snowflake can improve on his error message with valid login type in error message, hopefully it will make more sense.
When you try to log in using valid log in type, you will be able to log in as usual.See below:
Note: This feature works only if Authentication Policies are already defined for account or user.
How about a quick demo?
How to set this up in Snowflake?
-- Set
ALTER ACCOUNT SET ENABLE_IDENTIFIER_FIRST_LOGIN = true;How to unset in Snowflake?
--Unset
ALTER ACCOUNT SET ENABLE_IDENTIFIER_FIRST_LOGIN = false;How can Identifier First Login enhanced the consumer experience when used in conjunction with Authentication Policies?
Below is a very nice explanation from Snowflake documentation.
Hope this blog helps you to get insight into the Snowflake Identify First login feature. If you are interested in learning more details about Snowflake Identify First login, you can refer to Snowflake documentation. Feel free to ask a question in the comment section if you have any doubts regarding this. Give a clap if you like the blog. Stay connected to see many more such cool stuff. Thanks for your support.
You Can Find Me:
Subscribe to my YouTube Channel: https://www.youtube.com/c/RajivGuptaEverydayLearning
Follow me on Medium: https://rajivgupta780184.medium.com/
Follow me on X (formerly known as Twitter): https://twitter.com/RAJIVGUPTA780
Connect with me in LinkedIn: https://www.linkedin.com/in/rajiv-gupta-618b0228/
#Keep learning #Keep Sharing #Everyday Learning.
