nerdexam
Snowflake

ARA-C01 · Question #11

A company's client application supports multiple authentication methods, and is using Okta. What is the best practice recommendation for the order of priority when applications authenticate to Snowfla

The correct answer is A. 1) OAuth (either Snowflake OAuth or External OAuth). Snowflake's recommended authentication priority order is: 1) OAuth (Snowflake OAuth or External OAuth), 2) External browser/SSO, 3) Okta native authentication, 4) Password. OAuth is the top priority because it is token-based, avoids transmitting credentials directly, and integrat

Security and Compliance

Question

A company's client application supports multiple authentication methods, and is using Okta. What is the best practice recommendation for the order of priority when applications authenticate to Snowflake?

Options

  • A
    1. OAuth (either Snowflake OAuth or External OAuth)
  • B
    1. External browser, SSO
  • C
    1. Okta native authentication
  • D
    1. Password

How the community answered

(27 responses)
  • A
    81% (22)
  • B
    4% (1)
  • C
    4% (1)
  • D
    11% (3)

Explanation

Snowflake's recommended authentication priority order is: 1) OAuth (Snowflake OAuth or External OAuth), 2) External browser/SSO, 3) Okta native authentication, 4) Password. OAuth is the top priority because it is token-based, avoids transmitting credentials directly, and integrates cleanly with identity providers like Okta via External OAuth. Even when Okta is in use, OAuth (specifically External OAuth configured with Okta as the authorization server) is preferred over Okta's native authentication method because it follows modern, standards-based security practices. Passwords are always the lowest-priority option due to their inherent security risks.

Topics

#Authentication#OAuth#External OAuth#Security Best Practices

Community Discussion

No community discussion yet for this question.

Full ARA-C01 Practice