JDBC Driver connection parameter reference

This topic lists the connection parameters that you can use to configure the JDBC driver. You can set these parameters in the JDBC connection string or in a Java Properties object.

Required parameters

This section lists the parameters that you must set in the connection string or in the Map of properties.

Note

You must also set the parameters for authentication.

user

Description:

Specifies the login name of the user for the connection.

Authentication parameters

allowUnderscoresInHost

Description:

Specifies whether to allow underscores in account names. The JDBC Driver does not support underscores in URLs, which include the account name, so the JDBC Driver automatically converts underscores to hyphens. The default value is false.

Note

Beginning with version 3.13.25, the Snowflake JDBC driver changes the default value of the allowUnderscoresInHost parameter to false. This change impacts PrivateLink customers whose account names contain underscores. In this situation, you must override the default value by setting allowUnderscoresInHost to true.

authenticator

Description:

Specifies the authenticator to use for verifying user login credentials. You can set this to one of the following values:

  • snowflake to use the internal Snowflake authenticator.

  • externalbrowser to use your web browser to authenticate with Okta, AD FS, or any other SAML 2.0-compliant identity provider (IdP) that has been defined for your account.

  • https://<okta_account_name>.okta.com (i.e. the URL endpoint for your Okta account) to authenticate through native Okta (only supported if your IdP is Okta).

  • oauth to authenticate using OAuth. When OAuth is specified as the authenticator, you must also set the token parameter to specify the OAuth token (see below).

  • snowflake_jwt to authenticate using key pair authentication. For more details about key pair authentication, see Using key pair authentication and key rotation.

  • username_password_mfa to authenticate with MFA token caching. For more details, see Using multi-factor authentication

If the connection string specifies a key pair, then key pair authentication will be used even if the authenticator parameter is unset or is set to ‘snowflake’.

For more information on authentication, see Managing/Using federated authentication and Clients, drivers, and connectors.

Default:

snowflake

disableGcsDefaultCredentials

Description:

Specifies whether use the default credential lookup instead of external application default credentials when using GCP (Google Cloud Platform).

By default, GCP users can use a variety of options to set up Google Application Default Credentials outside of Snowflake. Occasionally, these authentication methods can interfere with cloud storage operations that originate from the Snowflake JDBC driver. In such cases, you can set the value to true to force the driver to ignore GCP credentials from other sources.

For more information, see Application Default Credentials

You can also use the net.snowflake.jdbc.disableGcsDefaultCredentials Java property to achieve the same effect.

Default:

false

disableSamlURLCheck

Description:

Specifies whether to disable the validation check of a SAML response.

Default:

false

passcode

Description:

Specifies the passcode to use for multi-factor authentication.

For more information about multi-factor authentication, see Multi-factor authentication (MFA).

passcodeInPassword

Description:

Specifies whether the passcode for multi-factor authentication is appended to the password:

  • on (or true) specifies the passcode is appended.

  • off (or false) or any other value specifies the passcode is not appended.

Default:

off

password

Description:

Specifies the password for the specified user.

There are two ways to specify the password:

  • The first way is to pass the user ID and password directly to the getConnection method:

    String user = "<user>";          // replace "<user>" with your user name
    String password = "<password>";  // replace "<password>" with your password
    Connection con = DriverManager.getConnection("jdbc:snowflake://<account>.snowflakecomputing.com/", user, password);
    
    Copy
  • The second way is to create a Properties object, update the object with the password, and pass the object to the getConnection method:

    String user = "<user>";          // replace "<user>" with your user name
    String password = "<password>";  // replace "<password>" with your password
    Properties props = new Properties();
    props.put("user", user);
    props.put("password", password);
    Connection con = DriverManager.getConnection("jdbc:snowflake://<account>.snowflakecomputing.com/", props);
    
    Copy

Attention

We strongly recommend that you do not include the user password directly in the JDBC connection string because the password could be inadvertently exposed by the client application that uses the string to connect to Snowflake. Instead, use the interface(s) provided by the application to specify the user password.

privatekey

Description:

Specifies the private key for the specified user. See Using key pair authentication and key rotation.

private_key_base64

Description:

Specifies the base64 encoded private key for the specified user. See Using key pair authentication and key rotation.

private_key_file

Description:

Specifies the path to the private key file for the specified user. See Using key pair authentication and key rotation.

private_key_file_pwd

Description:

(Deprecated) Use private_key_pwd instead.

private_key_pwd

Description:

Specifies the passphrase to decrypt the private key file or base64 encoded private key for the specified user. See Using key pair authentication and key rotation.

token

Description:

Specifies the OAuth token to use for authentication, where <string> is the token. This parameter is required only when setting the authenticator parameter to oauth, except as noted below.

Note

Beginning with version 3.13.24, the Snowflake JDBC Driver lets you send the OAuth token in the connection password in addition to including it in the token configuration parameter. If the token configuration parameter is not specified, the Driver.connect() method expects the token to be stored in the connection password.

This feature primarily supports using OAuth authentication for connection pools, allowing you to pass refreshed tokens as needed instead of being restricted by an expired token specified in the token configuration parameter.

For example, instead of setting he token configuration parameter, you can pass the token as the password in the getConnection() method properties, similar to the following:

Properties props = new Properties();
props.put("user", "myusername");
props.put("authenticator", "oauth");
props.put("role", "myrole");
props.put("password", "xxxxxxxxxxxxx"); // where xxxxxxxxxxxxx is the token string
Connection myconnection = DriverManager.getConnection(url, props);
Copy
Default:

None

Parameters for the default database, role, schema, and warehouse

db

Description:

Specifies the default database to use once connected, or specifies an empty string. The specified database should be an existing database for which the specified default role has privileges.

If you need to use a different database after connecting, execute the USE DATABASE command.

role

Description:

Specifies the default access control role to use in the Snowflake session initiated by the driver. The specified role should be an existing role that has already been assigned to the specified user for the driver. If the specified role has not already been assigned to the user, the role is not used when the session is initiated by the driver.

If you need to use a different role after connecting, execute the USE ROLE command.

For more information about roles and access control, see Overview of Access Control.

schema

Description:

Specifies the default schema to use for the specified database once connected, or specifies an empty string. The specified schema should be an existing schema for which the specified default role has privileges.

If you need to use a different schema after connecting, execute the USE SCHEMA command.

warehouse

Description:

Specifies the virtual warehouse to use once connected, or specifies an empty string. The specified warehouse should be an existing warehouse for which the specified default role has privileges.

If you need to use a different warehouse after connecting, execute the USE WAREHOUSE command can be executed to set a different warehouse for the session.

Proxy parameters

disableSocksProxy

Description:

Specifies whether the driver should ignore the SOCKS proxy configuration specified in the Java system options:

  • on (or true) specifies to ignore the proxy.

  • off (or false) or any other value specifies to use the proxy.

Note

Setting this connection parameter alters the behavior for all connections on the same JVM (Java virtual machine).

Default:

off

nonProxyHosts

Description:

Specifies the lists of hosts that the driver should connect to directly, bypassing the proxy server. See Specifying a proxy server in the JDBC connection string for details.

proxyHost

Description:

Specifies the hostname of the proxy server to use. See Specifying a proxy server in the JDBC connection string for details.

proxyPassword

Description:

Specifies the password for authenticating to the proxy server. See Specifying a proxy server in the JDBC connection string for details.

proxyPort

Description:

Specifies the port number of the proxy server to use. See Specifying a proxy server in the JDBC connection string for details.

proxyProtocol

Description:

Specifies the protocol used to connect to the proxy server. See Specifying a proxy server in the JDBC connection string for details.

Default:

http

proxyUser

Description:

Specifies the user name for authenticating to the proxy server. See Specifying a proxy server in the JDBC connection string for details.

useProxy

Description:

Specifies whether the driver should use a proxy:

  • on (or true) specifies that the driver should use a proxy.

  • off (or false) or any other value specifies that the driver should not use a proxy. This setting has no effect if JVM proxy arguments are present.

See Specifying a proxy server in the JDBC connection string.

Default:

off

Timeout parameters

loginTimeout

Description:

Specifies the number of seconds to wait for a response when connecting to the Snowflake service before returning a login failure error.

Default:

60

networkTimeout

Description:

Specifies the number of milliseconds to wait for a response when interacting with the Snowflake service before returning an error. 0 (zero) specifies that no network timeout is set.

Default:

0

net.snowflake.jdbc.http_client_connection_timeout_in_ms

Description:

Specifies the maximum time, in milliseconds, to wait on fully establishing a new connection (including TLS negotiation) with the remote host.

You can also set this in the connection string with ${HTTP_CLIENT_CONNECTION_TIMEOUT}.

Default:

60000 (1 minute)

net.snowflake.jdbc.http_client_socket_timeout_in_ms

Description:

Specifies the maximum time, in milliseconds, to wait for data (time of inactivity between two data packets) after a connection is successfully established.

You can also set this in the connection string with ${HTTP_CLIENT_SOCKET_TIMEOUT}.

Default:

300000 (5 minutes)

queryTimeout

Description:

Specifies the number of seconds to wait for a query to complete before returning an error. 0 (zero) specifies that the driver should wait indefinitely.

Default:

0

Other parameters

application

Description:

Snowflake partner use only: Specifies the name of a partner application to connect through JDBC.

client_config_file

Description:

Specifies the path of a logging configuration file that you can use to define the logging level and directory for saving log files.

DIAGNOSTICS_ALLOWLIST_FILE

Description:

Full path and filename of the JSON file containing the output of the SYSTEM$ALLOWLIST or SYSTEM$ALLOWLIST_PRIVATELINK functions.

If ENABLE_DIAGNOSTICS is true, you must provide this parameter.

ENABLE_DIAGNOSTICS

Description:

When true and the calling application invokes the DriverManager or DataSource getConnection() method, the driver runs several connectivity tests and writes the results in a pre-configured log file. The driver also returns the following exception:

net.snowflake.client.jdbc.SnowflakeSQLException: A connection was not created because the driver is running in diagnostics mode. If this is unintended then disable diagnostics check by removing the ENABLE_DIAGNOSTICS connection parameter

If you enable this parameter, you must provide a value for the DIAGNOSTICS_ALLOWLIST_FILE parameter.

Default:

false

enablePatternSearch

Description:

Enables or disables pattern search for getCrossReference, getExportedKeys, getImportedKeys, and getPrimaryKeys metadata operations that should not use their parameters as patterns.

Default:

true

enablePutGet

Description:

Specifies whether to allow PUT and GET commands access to local file systems. Setting the value to false disables PUT and GET command execution.

Default:

true

JAVA_LOGGING_CONSOLE_STD_OUT

Description:

Specifies whether to write log message to standard output instead of standard error.

Default:

false

JAVA_LOGGING_CONSOLE_STD_OUT_THRESHOLD

Description:

Specifies the maximum log message level to write to standard output. Higher log levels are written to standard error. Valid only when JAVA_LOGGING_CONSOLE_STD_OUT is true. Possible values include:

  • OFF

  • SEVERE

  • WARNING

  • INFO

  • CONFIG

  • FINE

  • FINER

  • FINEST

  • ALL

Default:

none, which is equivalent to setting the value to OFF or SEVERE.

JDBC_ARROW_TREAT_DECIMAL_AS_INT

Description:

Specifies whether to return all numbers in an arrow result set from a getObject call as integers. If this value and the JDBC_TREAT_DECIMAL_AS_INT parameter values are both false, all integer numbers in arrow return sets from a getObject call are returned as a BigDecimal type.

Default:

true

JDBC_DEFAULT_FORMAT_DATE_WITH_TIMEZONE

Description:

Specifies whether to use the previously hardcoded value for the formatter (for backwards compatibility).

Default:

true

JDBC_GET_DATE_USE_NULL_TIMEZONE

Description:

Specifies whether to use the previously null timezone value for the getDate method (for backwards compatibility).

Default:

true

maxHttpRetries

Description:

Specifies the maximum number of times to retry failed HTTP requests before returning an error.

Default:

7

net.snowflake.jdbc.max_connections

Description:

Specifies the total maximum connections available in the connection pool.

Default:

300

net.snowflake.jdbc.max_connections_per_route

Description:

Specifies the maximum number of connections allowed for a single port or URL. The value cannot exceed the net.snowflake.jdbc.max_connections value.

Default:

300

net.snowflake.jdbc.objectMapper.maxJsonStringLength

Description:

Specifies the maximum number of bytes for a string. You can increase the value for this Java property to set a larger buffer for Snowflake response deserialization if you receive error messages similar to the following:

com.fasterxml.jackson.core.exc.StreamConstraintsException: String length (XXXXXXX) exceeds the maximum length (180000000)
Default:

180000000

ocspFailOpen

Description:

Specifies that the driver should “fail open” if unable reach the OCSP server to verify the certificate. See OCSP.

putGetMaxRetries

Description:

Specifies the maximum number of times to retry PUT/GET exceptions for storage clients.

Default:

25

stringsQuotedForColumnDef

Description:

If this parameter is set to true, then when DatabaseMetaData.getColumns() and DatabaseMetaData.getProcedureColumns() return a value of type String in the COLUMN_DEF column, that value is embedded in single quotes. (If the data type of the value is not String, then the value is not quoted, regardless of the setting of this parameter.)

  • true specifies that string values should be embedded in single quotes (the quotes are part of the string, not delimiters). This complies with the JDBC standard.

  • false specifies that string values are not embedded in single quotes.

Default:

false

tracing

Description:

Specifies the log level for the driver. The driver uses the standard Java log utility. You can set this parameter to one of the following log levels:

  • OFF

  • SEVERE

  • WARNING

  • INFO

  • CONFIG

  • FINE

  • FINER

  • FINEST

  • ALL

Default:

INFO