Snowflake OAuth
Last updated
Last updated
Paradime supports OAuth authentication with Snowflake. When Snowflake OAuth is enabled, users can authorize their Development credentials using Single Sign On (SSO) via Snowflake rather than submitting a username and password to Paradime.
SnowflakeIf Snowflake is setup with SSO through a third-party identity provider, developers can use this method to log into Snowflake and authorize the dbt™️ Development credentials without any additional setup.
To enable Snowflake OAuth, you will need to create a security integration in Snowflake to manage the OAuth connection between Paradime and Snowflake.
Note: Only Snowflake account administrators (users with the ACCOUNTADMIN role) or a role with the global CREATE INTEGRATION privilege can execute this SQL command.
In Snowflake, execute a query to create a security integration. Please find the complete documentation on creating a security integration for custom clients here. You can find a sample create or replace security integration query below.
TYPE
Required
ENABLED
Required
OAUTH_CLIENT
Required
OAUTH_CLIENT_TYPE
Required
OAUTH_REDIRECT_URI
Required. Use the correct domain, you can check your selected region during onboarding in the Workspace Management section of your Account Settings.
🇪🇺 eu-west-2 (Europe - London)
https://api.paradime.io/control-plane/snowflake/redirect
🇪🇺 eu-west-1 (Europe - Ireland)
https://eu-w1-api.paradime.io/control-plane/snowflake/redirect
🇪🇺 eu-central-1 (Europe - Frankfurt)
https://eu-c1-api.paradime.io/control-plane/snowflake/redirect
🇺🇸 us-east-1 (US East - N. Virginia)
https://api.us.paradime.io/control-plane/snowflake/redirect
OAUTH_ISSUE_REFRESH_TOKENS
Required
OAUTH_REFRESH_TOKEN_VALIDITY
Required. This configuration dictates the number of seconds that a refresh token is valid for. Use a smaller value to force users to re-authenticate with Snowflake more frequently.
To get the Client ID and Secret required to connect to Paradime run the below query in Snowflake: