top of page

Implementation Of Okta

Updated: Mar 14

Author: Shikhar Srivastava

This Blog will Provide information about how to use OKTA as a Federated Authentication to

connect with Snowflake.


Federated authentication allows a user to connect to Snowflake using a secure single sign-on. With SSO enabled, you authenticate users through a SAML 2.0-compliant identity provider (Idp).

Okta is an identity management service that gives us access to any employer in any app on any device. It is hosted on a secure server. It uses cloud technologies to help companies manage and authenticate users in applications. It sells various services, including login, one of the most important programs because it has the unique feature of logging users into multiple applications through one centralized process. It is safe to use and protect our sensitive data even when others use our phones because the developed technology only takes a few minutes to steal our personal information.


1. Sign up on Okta and log in to Okta as a Developer Profile

To Sign up, click on the below link:

2. Go to Directory -> People -> Add people

3. Fill in the necessary fields and click on Save


  • Enter kipi id in Username

  • Create the same users in Snowflake instance with kipi id

  • You can choose to set a password as - Set by User or Set by Admin, and accordingly, user will be able to login to Okta

4. Navigate to Applications -> Applications -> Browse App Catalog

5. Choose Snowflake from the search panel and click on Add

6. Define the application name and subdomain of your Snowflake account

Eg :

7. Click on Next and move to Sign-On Options

8. Choose Sign-On Option as SAML 2.0

9. Click on View Setup Instructions

10. Run the below code in Snowflake and enter the data mentioned in Step 6 of Setup Instructions

use role accountadmin;




SAML2_ISSUER = {the value from step 6 of setup Instructions}

SAML2_SSO_URL = {the value from step 6 of setup Instructions}


SAML2_X509_CERT = {the value from step 6 of setup Instructions}



11. Run the below code in Snowflake and enter your Snowflake account name in the highlighted field

use role accountadmin;

alter security integration OKTAINTEGRATION set saml2_snowflake_acs_url = 'https://<organization_name>-account_name>';

alter security integration OKTAINTEGRATION set saml2_snowflake_issuer_url = 'https://<organization_name>-account_name>';

12. Run the below code in Snowflake

13. After setting up, click on Done

14. Your Snowflake application will be created.

15. Click on your Snowflake application

16. Assign people created above to your Snowflake application

17. Click on Assign to People

18. Assign People

19. All people assigned to the Snowflake application will be visible

20. A green indicator for enabling of SAML 2.0 will be visible

21. Navigate to My end user Dashboard

Note: Whenever user logins who is not an Okta Admin, have to log in via Okta end user URL

22. Navigate to My Apps and click on Snowflake

23. You should be able to log in successfully to Snowflake without entering your credentials

24. User will be able to see sign-in using OKTA while logging into Snowflake


This is how to integrate federation authentication and enable a single sign-on which would eliminate the need to manually log in to Snowflake. By enabling this user, authentication is decoupled from user access using one or more external entities (OKTA in our case) that provide independent verification of user credentials.


45 views0 comments
bottom of page