Companies use Cloud Data Warehouses to run their business operations in an effective manner. These Data Warehouses help them store and analyze data to make data-driven business decisions. Snowflake is a widely used Cloud Data Warehousing solution that offers companies a robust engine to effectively run and manage their data and generate insights from it.
It is essential to secure business and user data in these Data Warehouses. SSO (Single Sign-on) is one of the secure methods to manage access to accounts and secure data. Okta is a leading identity and access management platform that allows companies to manage their authentication to various apps and services using a single login system or other secure ways. Snowflake Okta Integration makes it easier for companies to authenticate through different authentication methods.
Snowflake Okta Integration allows companies to trace Database activities to the individual users. With the help of Snowflake Okta Integration, users can also organize individually carved views of the data using secure views. In this article, you will learn about Snowflake, Okta, and the steps to set up Snowflake Okta Integration. You will also read about the need for Snowflake Okta Integration and how it helps companies manage access to data to users.
Prerequisites
- An active Snowflake account.
- An active Okta account.
Introduction to Snowflake
Image Source
Snowflake is a Cloud-based Data Warehouse service provider that offers SaaS (Software as a Service) to companies and helps them manage their business data and analyze it. It is a fully managed Data Warehousing platform built on the AWS (Amazon Web Services) infrastructure. It is highly scalable and allows users to easily scale up or scale down the computation and storage based on their business requirements.
Companies using the Snowflake services don’t need to maintain the hardware or software upgrades or pay for any hardware failure because both computation power and storage space are rented in the Data Warehouse. Snowflake’s robust engine decouples the storage and computes that allow companies to change both independently.
Key Features of Snowflake
A few features of Snowflake are listed below:
- Data Sharing: With the help of Snowflake organization accounts, users can easily share data to other Snowflake account and consume data provided by other Snowflake accounts.
- SQL Support: Snowflake comes with standard and extended SQL support that includes most DDL, DML commands and also supports advanced DML, transactions, lateral views, stored procedures, etc.
- Security: Snowflake comes with advanced security features and enhanced authentication by providing Multi-Factor Authentication (MFA), Single Sign-on (SSO), and OAuth.
- Fail-Safe: The snowflake fail-safe feature protects historical data in the event of disasters such as disk failures or any other hardware failures.
To know more about Snowflake, click here.
Introduction to Okta
Image Source
Okta is a cloud-based identity and access management software provider that helps companies and developers manage and secure user authentication into applications, website web services, and devices. It offers many services that also include Single Sign-on (SSO) that allow users to log in to different applications with a single unique centralized process. Founded in 2009 by Todd McKinnon and Frederic Kerrest, now valued at over $6 billion.
Apart from SSO, Okta also offers services such as Universal Directory, Advanced Server Access, API Access Management, Authentication, User Management, B2B Integration, Multi-factor Authentication, Lifecycle Management, and Access Gateway. Okta’s services are built on Amazon Web Services (AWS).
Key Features of Okta
A few features of Okta are listed below:
- Real-time Security Reporting: Okta employs real-time tracking of system logs that consists of geolocation tracking and integration with security information and event management (SIEM) applications.
- Extension Support: For ease of use, Okta offers its browser extension so that users can access their apps and websites quickly.
- ThreatInsight: Okta’s ThreatInsight feature collects data across the entire customer Database and blacklists malicious IP addresses.
- Passwordless Authentication: A weak password is a threat to even a strong security system. Okta offers passwordless authentication that includes Factor sequencing, Device trust, E-Mail based links, Personal identity verification (PIV) smart cards, and Desktop SSO.
To know more about Okta, click here.
Hevo Data, a No-code Data Pipeline helps to load data from any data source such as Databases, SaaS applications, Cloud Storage, SDK,s, and Streaming Services and simplifies the ETL process. It supports 100+ data sources and is a 3-step process by just selecting the data source, providing valid credentials, and choosing the destination. Hevo not only loads the data onto the desired Data Warehouse/destination but also enriches the data and transforms it into an analysis-ready form without having to write a single line of code.
Get Started with Hevo for Free
Its completely automated pipeline offers data to be delivered in real-time without any loss from source to destination. Its fault-tolerant and scalable architecture ensures that the data is handled in a secure, consistent manner with zero data loss and supports different forms of data. The solutions provided are consistent and work with different BI tools as well.
Check out why Hevo is the Best:
- Secure: Hevo has a fault-tolerant architecture that ensures that the data is handled in a secure, consistent manner with zero data loss.
- Schema Management: Hevo takes away the tedious task of schema management & automatically detects the schema of incoming data and maps it to the destination schema.
- Minimal Learning: Hevo, with its simple and interactive UI, is extremely simple for new customers to work on and perform operations.
- Hevo Is Built To Scale: As the number of sources and the volume of your data grows, Hevo scales horizontally, handling millions of records per minute with very little latency.
- Incremental Data Load: Hevo allows the transfer of data that has been modified in real-time. This ensures efficient utilization of bandwidth on both ends.
- Live Support: The Hevo team is available round the clock to extend exceptional support to its customers through chat, E-Mail, and support calls.
- Live Monitoring: Hevo allows you to monitor the data flow and check where your data is at a particular point in time.
Sign up here for a 14-Day Free Trial!
Setting Up Snowflake Okta Integration
Now that you have understood about Okta and Snowflake. In this section, you will learn about the steps to set up Snowflake Okta Integration. Okta is one of the widely used service providers for Cloud-based SSO (Single Sign-on). SSO secures the data and helps companies manage the access to your data to people from your corporate. The steps to integrate Snowflake Okta SSO are listed below:
Step 1: Granting User Access
- Log in to your Okta account.
- Navigate to App Catalogs and search for the “Snowflake” app from the search box, as shown in the image below.
Image Source: Self
- Here click on the “Add” button to add the Snowflake app, as shown in the image below.
Image Source: Self
- It will open up the app general settings.
- Here, fill in the “Application label” of your choice and then add the “SubDomain” field as the name of the Snowflake account. It is necessary to include your region from the name. For example, if the URL is https://acme.snowflakecomputing.com/ then the name is acme.
- Then click on the “Next” button.
- Choose the “SAML 2.0” option and then click on the “Identity Provider metadata” link and the “View Setup Instructions” button from the box that appeared below.
- Click on the “Done” button.
- Now, go to the “Assignments” tab and click on the “Assign” button and assign the user of your choice, as shown in the image below.
Image Source: Self
Step 2: Configuring SAML Provider in Snowflake
- Log in to your Snowflake account.
- Here, open the Worksheets Console for running SQL commands.
- You can copy the code given below to the console.
'{ "certificate": "<Certificate_body>", -- Paste Certificate string with removed EOL charachters here
Issuer: ""
"ssoUrl": "", -- Okta SSO URL you captured in Step 1
"type" : "OKTA",
"label" : "MYSSO" -- Label of SSO button on Snowflake Web Login dialog
}';
- In the above code, paste the value for “certificate” from the View Setup Instructions page for SSO Setup you opened earlier. On that page, you can see the “Authentication Certificate” in step 6.
- Copy the certificate value and replace it in place of <Certificate_body>.
- Similarly, copy the “Entity ID” and paste the value in place of the “Issuer” value.
- Then, copy the “IDP SSO URL” from the page, and paste it in the Snowflake console in place of the “ssoURL” value.
- After this run the commands.
- Paste the given code in the Snowflake Console.
use role accountadmin;
CREATE SECURITY INTEGRATION OKTAINTEGRATION
TYPE = SAML2
ENABLED = TRUE
SAML2_ISSUER =
SAML2_SSO_URL =
SAML2_PROVIDER = OKTA
SAML2_X509_CERT =
SAML2_SP_INITIATED_LOGIN_PAGE_LABEL = OKTA SSO
SAML2_ENABLE_SP_INITIATED = TRUE;
- In the above code, copy and paste the values from the SSO Setup page “Entity ID“, “IDP SSO URL“, and “Authentication Certificate” and paste the values in these fields “SAML2_ISSUER“, “SAML2_SSO_URL” and “SAML2_X509_CERT” respectively.
- Now, run these commands in the Snowflake Console.
- Copy and paste the code in the Snowflake Console given below.
use role accountadmin;
alter security integration my_integration set saml2_snowflake_acs_url = 'https://<organization name>-<account name>.snowflakecomputing.com/fed/login';
alter security integration my_integration set saml2_snowflake_issuer_url = 'https://<organization name>-<account name>.snowflakecomputing.com/fed/login';
- Now, first copy the organization name and account name from your Snowflake Console URL before the “.snowflakecomputing.com” in the URL.
- Paste the value in place of <organization name>-<account name> in the above code.
- Next, run the above code in the Snowflake Console.
- Paste the code in the Snowflake Console given below.
ALTER ACCOUNT SET SSO_LOGIN_PAGE = TRUE;
- Now, when you open up your Snowflake login page, it will look similar to the page shown below.
- Here, you can see that another method to sign in using Okta SSO is available.
That’s it you have completed the Snowflake Okta Integration.
Benefits of Snowflake Okta Integration
A few benefits of using Snowflake Okta Integration are listed below:
- Snowflake Okta Integration allows companies to trace the Database activities to the individual users.
- Snowflake Okta Integration allows users to create complex usernames and passwords and change them frequently.
- Snowflake Okta SSO Integration enables users to authenticate and access multiple supported apps and services using single login credentials.
Conclusion
In this article, you learnt about Snowflake, Okta, and simple steps to set up Snowflake Okta Integration. You also read how the Snowflake Okta Integration helps companies manage authentication and secure data. Snowflake Okta SSO Integration makes it easier for users to log in to various apps and websites using the single login system. Snowflake is a widely used Data Warehouse to help businesses store and run Analytics on their business data. Okta is a leading access management platform and integrating both makes the workflow fast, secure, and efficient.
Visit our Website to Explore Hevo
Companies have business data available in multiple sources, and it’s a tedious process to load data manually from data sources to Snowflake. Hevo Data is a No-code Data Pipeline that can help you transfer data from any data source to the desired Snowflake. It fully automates the process to load and transform data from 100+ sources (including 40+ free sources) to a destination of your choice without writing a single line of code.
Want to take Hevo for a spin? Sign Up here for a 14-day free trial and experience the feature-rich Hevo suite first hand.
Share your experience of learning about Snowflake Okta Integration in the comments section below!