Snowflake has announced plans to require multifactor authentication (MFA) when you access a Snowflake data source. It is recommended that you use MFA when you authenticate to Snowflake interactively. However, there might be situations where it is preferable to use an alternative authentication method, such as when you run SAS scripts overnight. In those cases, we recommend that users update their programs to replace user name and password authentication with RSA key-pair authentication. You or your database administrator should enable key-pair authentication for Snowflake. This is an alternative to MFA that enables SAS programs to connect with Snowflake and to run without interactive MFA. For more information, see the Snowflake documentation.
After RSA keys have been configured and you have access to the private key file and the key password, the key information can be put into a LIBNAME statement for Snowflake. If your RSA key is not encrypted, then you can use a LIBNAME statement similar to this sample:
libname snowlib snow server="server" user='user' schema='schema'
db='db-name' preserve_tab_names=yes
conopts="AUTHENTICATOR=SNOWFLAKE_JWT;priv_key_file=path-to-key/rsa_key.p8";If your RSA key value is encrypted, then the priv_key_file_pwd= value is required in your LIBNAME statement.
libname snowlib snow server="server" user='user' schema='schema'
db='db-name' preserve_tab_names=yes
conopts="AUTHENTICATOR=SNOWFLAKE_JWT;priv_key_file=path-to-key/rsa_key.p8;
priv_key_file_pwd=password";For more information, see these topics: