[Feature Request] Add OAuth 2.0 authentication support for Snowflake connector

[leeceo97]

Problem Statement

The Snowflake destination connector currently only supports username/password and key pair authentication methods. However, Snowflake is enforcing MFA requirements for all password-based authentication by 2026 (BCR-2097), which will break existing integrations using PERSON-type users with password authentication.

Reference: https://docs.snowflake.com/en/user-guide/security-mfa-rollout

Current Workarounds and Limitations

1. Key Pair Authentication: Not feasible for our organization due to security policies around private key management
2. LEGACY_SERVICE user type: Temporary solution that will be deprecated in mid-2026 (June-August)
3. OAuth 2.0: Currently not supported by Airbyte Snowflake connector

Proposed Solution

Add OAuth 2.0 authentication support for the Snowflake connector, including:

• External OAuth (Azure AD, Okta, etc.)
• Snowflake OAuth
• Support for SERVICE user type with OAuth authentication

This would align with Snowflake's recommended authentication methods and provide a long-term sustainable solution.

Timeline Concerns

• January 2026: Snowflake will enforce MFA by default for all accounts
• June-August 2026: LEGACY_SERVICE type will be deprecated
• October 2026: Single-factor password authentication will be completely blocked

Without OAuth support, Airbyte users will face authentication issues with Snowflake by mid-2026.

Additional Context

Related issues:

• Destination Snowflake: support oauth #10033 (Destination Snowflake: support oauth)
• Source Snowflake: support oauth #6281 (Source Snowflake: support oauth)

Snowflake OAuth documentation:

• https://docs.snowflake.com/en/user-guide/oauth-ext-overview
• https://docs.snowflake.com/en/user-guide/oauth-azure

Question

When can we expect OAuth 2.0 authentication support for the Snowflake connector?

Is there a planned timeline for this feature, considering Snowflake's upcoming authentication enforcement deadlines?