metricsign
Start free
High severityauthenticationSnowflake

Power BI Refresh Error:
250006

What does this error mean?

The Python connector could not reach the configured Identity Provider (IdP) during SSO or federated authentication. The connector is unable to obtain or validate a SAML token because the IdP endpoint is unreachable.

Common causes

  • 1The IdP URL configured in Snowflake (or in the connector) is incorrect or unreachable from the client network
  • 2Firewall or proxy blocking outbound HTTPS to the IdP endpoint
  • 3IdP service is temporarily down or experiencing degraded connectivity
  • 4DNS resolution failure for the IdP hostname
  • 5SSO integration in Snowflake is misconfigured (wrong entityId or login URL)

How to fix it

  1. 1Verify the IdP endpoint URL is reachable: curl -I https://<your-idp-url>.
  2. 2Check that the client network allows outbound HTTPS (443) to the IdP host.
  3. 3In Snowflake, review the SAML2 security integration: SHOW SECURITY INTEGRATIONS and DESCRIBE INTEGRATION <name>.
  4. 4If using Okta/ADFS/Azure AD, check the IdP service status dashboard.
  5. 5Test connectivity with a direct browser login (SSO) from the same network to isolate the issue.

Frequently asked questions

Can I bypass SSO for service accounts?

Yes — service accounts (used for ETL jobs) should use key-pair authentication or username/password rather than browser-based SSO. Reserve SSO for human interactive logins.

How do I test if the IdP integration in Snowflake is correct?

Run DESCRIBE SECURITY INTEGRATION <name> and compare saml2_sso_url and saml2_issuer with your IdP metadata. Then test a browser-based SSO login from the Snowflake login page.

Official documentation: https://github.com/snowflakedb/snowflake-connector-python/blob/main/src/snowflake/connector/errorcode.py

Other authentication errors