Snowflake

Setup Snowflake Custom OAuth

Details about custom OAuth for Snowflake are described here.

1. Create a security integration

First, create a new Worksheet to be able to execute queries. Next, run the below query:
create security integration oauth_locoia
type = oauth
enabled = true
oauth_client = custom
oauth_client_type = 'CONFIDENTIAL'
oauth_redirect_uri = 'https://api.locoia.com/v1/oauth2/callback/snowflake'
oauth_issue_refresh_tokens = true
oauth_refresh_token_validity = 86400
;
Further configuration options can be specified for the security integration if needed.
Only Snowflake account administrators (ACCOUNTADMIN role) or a role with the global CREATE INTEGRATION privilege can execute this SQL command.

2. Get the security integration's details

Run the below command to get all Oauth2 details:
desc security integration oauth_locoia;
oauth_locoia is the integration name. The result looks like:

3. Generate the client_secret

Run the below command:
select SYSTEM$SHOW_OAUTH_CLIENT_SECRETS('OAUTH_LOCOIA');
The integration name needs to be in upper case letters.
The client_secret is be returned.

Authenticating Snowflake

  1. 1.
    In Locoia, go to Settings > Connector Auth and click create. Alternatively create an authentication directly in the Flow Builder
  2. 2.
    Enter your details as explained in the images below:
Names and locator as seen in Snowflake (minimum role to see accounts: ACCOUNTADMIN)
Entering the corresponding values in the Connector Auth
3. Sign in with your Snowflake credentials. Note that this user can't have the roles ACCOUNTADMINor SECURITYADMIN.
Login with your Snowflake user
4. In the final step, you need to click Allow in order to grant access to the mentioned Snowflake entities:

API requests to Snowflake

The Snowflake API and its requests is described here.
Copy link
On this page
Setup Snowflake Custom OAuth
1. Create a security integration
2. Get the security integration's details
3. Generate the client_secret
Authenticating Snowflake
API requests to Snowflake