Authors: Geetika Bansal & Hima Naga Bindu Narni
This blog explains how to configure OAuth (Open Authorization) access to Snowflake for supported Snowflake partner applications. This process first requires creating an integration, a first-class Snowflake object that defines the interface between Snowflake and a third-party application or service
Introduction:
It is an open-standard protocol that allows supported clients authorized access to Snowflake without sharing or storing user login credentials.
For now, Tableau applications can only authorize the default custom role for a user; or, if a default custom role is not set, then the PUBLIC role is used as the active role for the session
Currently, Snowflake OAuth supports the following applications:
Steps to be followed:
1. Create a custom role in Snowflake and make it a default
Eg: Create a custom role as app_role
2. Create Security integration in Snowflake :
a. Sql:
create security integration tableau_oauth
type = oauth
enabled = true
oauth_client = tableau_desktop;
3. Open tableau desktop >> To a server >> More >> Snowflake
a. Server name = Snowflake account URL
b. Role = Custom role you have created in Snowflake account
c. Choose the authentication method as “SIGN IN USING OAUTH”.
d. Click on sign in button
e. If you have implemented Okta with Snowflake, need to click on Sign in using my. Else, need to enter Snowflake credentials
4. After a successful connection between tableau and Snowflake, the user should be able to see the below screen
Conclusion:
After implementing all the above steps, the user should be able to use OAuth to let application developers securely access the user data without sharing their passwords.