08-12-2020 12:17 AM - edited 05-20-2022 04:47 PM
When attempting to connect to Snowflake using Okta Single-Sign-On (SSO) with Multi-Factor Authentication (MFA) enabled via the Input Data tool, the following error occurs:
ERROR [HY000][Snowflake][Snowflake] (30) Failed to connect to okta. Error code=401
For browser-based Okta login, set the parameter authenticator to externalbrowser so that the default Web Browser prompt is used to authenticate when running the workflow from Designer. See the Snowflake ODBC and Connection Parameters documentation for more information.
When re-running the workflow, the Okta prompt will re-open in new browser tabs each time the connection is tested. If this is the case, please get in touch with the Identity Provider (IDP) Admin as to why sessions do not persist or what security implications are involved for your organization.
Possible parameters to look into:
In addition, to help minimize the number of times needed to authenticate when clicking around and adding tools to the canvas, check the option Disable Auto Configure.
1. In Designer, go to Options > User Settings > Edit User Settings > Advanced Tab.
2. Check the box Disable Auto Configure.
3. Click OK.
This workaround will not work for scheduled workflows nor is browser-based Okta supported on the gallery. It's recommended to submit an enhancement request via our Ideas portal to support MFA and browser-based Okta for Alteryx Server fully.
@gtorres8 can you clarify what you mean by "IDP Admin"? Thank you.
I updated the KB. IDP means Identity Provider. In this case, the Okta Admin.