We currently use Okta (which requires MFA) to manage our Snowflake users, so most of our Snowflake users do not have a password. We have developers who want to use an IDE like DataGrip or DBeaver but we are unable to connect using the Okta method.
When we try to connect with the connection parameter of authenticator='https://<your_okta_account_name>.okta.com' we get the error message of [08001][390400] Bad request; operation not supported.
When we try to connect with the connection parameter of authenticator= externalbrowser we get the error message of [08001][390400] !390400!
We can't find better error messages than those. We get those error messages with both DBeaver and DataGrip.
Is there any advice in getting this to work? We can't figure out if this a Snowflake or Okta issue.
We were referencing these pieces of documentation: https://docs.snowflake.net/manuals/user-guide/jdbc-configure.html#connection-parameters https://support.snowflake.net/s/article/How-to-Configure-Snowflake-connections-for-Datagrip
Our issue was actually different and didn't have anything to do with our Okta/Snowflake integration. We could have followed the Snowflake documentation on how to connect to Tableau or DataGrip.
There is an issue when using Okta with MFA for Snowflake using the externalbrowser authenticator method. We have an alias on our host name that we were trying to use for authentication.
For example, our real host name might be aaa111.snowflakecomputing.com and we have an alias of companyname.snowflakecomputing.com, you need to use the aaa111.snowflakecomputing.com host name when setting up the connection.
If you are on Okta with MFA, you do need to specify the externalbrowser authenticator method though.