Key-Pair Authentication Migration Guide
Key-pair authentication provides a strong authentication method between ALTR and Snowflake compared to password authentication. Snowflake is deprecating password authentication in 2025, requiring all users to update existing connections to leverage key-pair authentication. Follow this guide to migrate your existing ALTR connections from password authentication to key-pair authentication.
Step 1: Identify Existing Service Users
Section titled “Step 1: Identify Existing Service Users”ALTR has recently updated to separately manage service users from Snowflake connections. This enables customers to more easily manage one or a small number of service users being across several Snowflake data source connections. There should be a service user entry for each service user in use by your ALTR account. Most customers should have a small number of service user entries.
To identify a list of service users used by ALTR:
- Log into the ALTR platform.
- Select Data ConfigurationService Users in the Navigation menu.
- Identify all service users listed with “password” as the Authentication Method.
Each of these users must be updated to use key-pair authentication. If they are not updated before Snowflake deprecates single-factor password authentication, any ALTR connections using that service user will break.
Step 2: Update Service Users to Use Key-Pair Authentication
Section titled “Step 2: Update Service Users to Use Key-Pair Authentication”This process must be taken for each service user using password authentication, identified in Step 1.
To update service users to use key-pair authentication:
- Click Edit Service User on the user to update.
- Click the Key-Pair Authentication tab.
- Click Generate Key .
- Copy the generated SQL snippet.
- Log into Snowflake as a role that has the OWNERSHIP privilege on the service user.
- Execute the SQL snippet from step 4.
- Navigate back to ALTR and click Save on the service user