OAuth
This section provides a complete list of the OAuth properties you can configure in the connection string for this provider.
| Property | Description |
| InitiateOAuth | Specifies the process for obtaining or refreshing the OAuth access token, which maintains user access while an authenticated, authorized user is working. |
| OAuthClientId | Specifies the client ID (also known as the consumer key) assigned to your custom OAuth application. This ID is required to identify the application to the OAuth authorization server during authentication. |
| OAuthClientSecret | Specifies the client secret assigned to your custom OAuth application. This confidential value is used to authenticate the application to the OAuth authorization server. (Custom OAuth applications only.). |
| OAuthAccessToken | Specifies the OAuth access token used to authenticate requests to the data source. This token is issued by the authorization server after a successful OAuth exchange. |
| CallbackURL | The CallbackURL property specifies the redirect URI (callback URL) used in OAuth authentication flows when connecting to Snowflake. This property is required for external OAuth-based authentication, ensuring that after authentication, the user is redirected correctly. |
| State | Specifies an optional state parameter used during the OAuth authorization process. This value serves as a mechanism to preserve the application's state between the authorization request and the redirect response. It is commonly used to prevent Cross-Site Request Forgery (CSRF) attacks by validating the authenticity of the request upon receiving the callback. |
| OAuthSettingsLocation | Specifies the location of the settings file where OAuth values are saved. |
| Scope | Determines the OAuth scopes that the application requests from Snowflake. Setting appropriate scopes defines the permissions that the application will be granted during the OAuth authorization process. |
| OAuthAuthorizationURL | The authorization URL for the OAuth service. |
| OAuthAccessTokenURL | The URL from which the OAuth access token is retrieved. |
| OAuthVerifier | Specifies a verifier code returned from the OAuthAuthorizationURL . Used when authenticating to OAuth on a headless server, where a browser can't be launched. Requires both OAuthSettingsLocation and OAuthVerifier to be set. |
| PKCEVerifier | Specifies the Proof Key for Code Exchange (PKCE) Verifier used during the OAuth 2.0 PKCE authentication flow. It is used as input when calling GetOAuthAccessToken . This random value is required when obtaining an access token from the authorization server after the initial authorization code is provided. |
| OAuthRefreshToken | Specifies the OAuth refresh token used to request a new access token after the original has expired. |
| OAuthExpiresIn | Specifies the duration in seconds, of an OAuth Access Token's lifetime. The token can be reissued to keep access alive as long as the user keeps working. |
| OAuthTokenTimestamp | Displays a Unix epoch timestamp in milliseconds that shows how long ago the current access token was created. |