Does st.connection(“snowflake”) support key-pair authentication?
In my org only SSO is allowed and if app needs to be deployed to production this does not seem to be good enough? user/password auth is prohibited.
1 Like
Did you ever find out? 
Unfortunately not.
I got it working today
This is my secrets.toml
[connections.snowflake]
account = myaccount
user = myuser
role = myrole
warehouse = mywarehouse
database = mydatabase
schema = myschema
client_session_keep_alive = true
private_key_path = "/path/to/key.p8"
Then in my app.py:
import os
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives.asymmetric import dsa
from cryptography.hazmat.primitives import serialization
with open("/path/to/key.p8", "rb") as key:
p_key = serialization.load_pem_private_key(
key.read(),
password=os.environ["PRIVATE_KEY_PASSPHRASE"].encode(),
backend=default_backend(),
)
pkb = p_key.private_bytes(
encoding=serialization.Encoding.DER,
format=serialization.PrivateFormat.PKCS8,
encryption_algorithm=serialization.NoEncryption(),
)
conn = st.connection("snowflake", type="snowflake", private_key=pkb)
I have the passphrase in my environment variables.