69649 - The OAuth token is truncated when you use it with SAS/ACCESS® Interface to Snowflake and "ERROR: CLI error trying to establish connection" is returned

Usage Note 69649: The OAuth token is truncated when you use it with SAS/ACCESS® Interface to Snowflake and "ERROR: CLI error trying to establish connection" is returned

Although the SAS/ACCESS Interface to Snowflake engine does not directly support the OAuth token authentication method, it is still possible to use this method by supplying the token with the CONOPTS= LIBNAME option. However, due to the length of the token, the string is truncated. This truncation causes an invalid token to be used for authentication.

Here is an example LIBNAME statement:

%let mytoken=<valid OAuth token>;

libname mylib snow server=server_name database=database schema=schema conopts="authenticator=oauth; token=&mytoken;";

Here is an example error that occurs in this scenario:

ERROR: CLI error trying to establish connection: Invalid OAuth access token. 

There is no workaround to dynamically supply the token in the CONOPTS LIBNAME option. You can avoid the truncation if the token is supplied as a DSN option, although this method not practical. It is also important to note that the token truncation occurs due to the driver manager that is used even if it is correctly supplied by SAS. The UnixODBC driver manager has a known issue where it also truncates an OAuth token string. Consult your specific ODBC driver manager documentation to confirm support for OAuth.

Click the Hot Fix tab in this note to access the hot fix for this issue.

Operating System and Release Information

Product Family	Product	System	Product Release		SAS Release
			Reported	Fixed*	Reported	Fixed*
SAS System	SAS/ACCESS Interface to Snowflake	Linux for x64	9.4		9.4 TS1M6

* For software releases that are not yet generally available, the Fixed Release is the software release in which the problem is planned to be fixed.

Viya on Linux: An update for this issue is available for SAS Viya 3.5. For instructions on how to access and apply software updates, see the Updating Your SAS Viya software section in the SAS Viya 3.5 for Linux Deployment Guide at

http://documentation.sas.com/?softwareId=administration&softwareVersion=3.5&softwareContextId=softwareUpdates

A fix for this issue for SAS/ACCESS Interface to Snowflake 9.42 is available at:

https://tshf.sas.com/techsup/download/hotfix/HF2/I9Y.html#69649

A fix for this issue for SAS/ACCESS Interface to Snowflake 9.41 is available at:

https://tshf.sas.com/techsup/download/hotfix/HF2/H6S.html#69649

In this scenario, this error is returned: "ERROR: CLI error trying to establish connection: Invalid OAuth access token."

Type:	Usage Note
Priority:

Date Modified:	2022-12-15 11:02:52
Date Created:	2022-10-28 09:57:43

Support

Usage Note 69649: The OAuth token is truncated when you use it with SAS/ACCESS® Interface to Snowflake and "ERROR: CLI error trying to establish connection" is returned

Operating System and Release Information