Notebook, Snowflake OAuth server extension

Hey folks, This is my 1st post in this community. I really appreciate your help for the below issue.
I’ve created a server extension and nbextension (UI element) to get Snowflake OAuth access token from notebook.
I’ve packaged and installed these extensions in SingleUser pod because each user working on the notebook is allowed to generate this access token periodically from notebook page it self.

server extension: Created below 2 handles

  1. (r"/user/(?P<user_name>[^/]+)/snowflakeoauth", SnowflakeOAuth) This handle takes user input and constructs the Snowflake oauth url and launches it for authentication. Once authentication is successfl it returns a code attached to the redirect_uri , something like this [Preformatted text](
        auth_url = auth_url + "?" + urlencode({
            "client_id": client_id,
            "response_type": "code",
            **"redirect_uri": '',**
            "scope": f"refresh_token session:role:{self.snowhouse_role}",
            "code_challenge": code_challenge,
            "code_challenge_method": "S256",
            "state": state,

  1. (r"/user/(?P<user_name>[^/]+)/auth_code", SnowflakeOAuthToken) This handle will be launched as a redirect response from above mentioned handle. It will reads the code attached to the redirect_uri and makes a POST request to get the refresh & access token from Snowflake.

Authentication is successful but the redirect response page (/auth_code) failed to load because the response url that I’ve received is [Preformatted text](, there is no /user/ in url which is expected and it is supposed to be static.

Is there a way I can make notebook url static with no username in it?
Is there a way I can override the redirect response url to attach username to it?

Hi! JupyterHub is a multiuser system so the username always needs to be part of the URL prefix for accessing a singleuser server.

I don’t have any experience with Snowflake OAuth, but in general for most OAuth providers you’ll need to configure the callback URL to include the prefix to your handler. The redirect happens on the browser side, not inside the server, so it’s the URL seen by the browser that matters.