Snowflake
Why am I getting an incorrect username or password error message?
If you receive the following error message:Cannot create PoolableConnectionFactory (Incorrect username or password was
specified.)
The security integration in Snowflake maps Atlan email addresses to Snowflake login names. First, check if a user with an Atlan email address exists in Snowflake.
If a user exists and the Snowflake login name is not an email address, your Snowflake administrator will have to manually update the user-mapping in the security integration to use email addresses instead. To do so, add the following command to the security integration in Snowflake:
EXTERNAL_OAUTH_SNOWFLAKE_USER_MAPPING_ATTRIBUTE = 'EMAIL_ADDRESS'
Refer to Snowflake documentation.
Why am I getting a role error message?
If you receive the following error message:Cannot create PoolableConnectionFactory (Role 'ACCOUNTADMIN' specified in the connect string is not granted to this user. Contact your local system administrator, or attempt to login with another role, e.g. PUBLIC
By default, Snowflake blocks the ACCOUNTADMIN
role from being assumed in the security integration. Therefore, a user with a Snowflake ACCOUNTADMIN
role will not be able to run queries with Snowflake OAuth-based authentication.
To allow the ACCOUNTADMIN
role to query with Snowflake OAuth-based authentication, add the following command to set account-level permissions in the security integration in Snowflake:
ALTER ACCOUNT SET EXTERNAL_OAUTH_ADD_PRIVILEGED_ROLES_TO_BLOCKED_LIST = FALSE;
Refer to Snowflake documentation.