Skip to main content
When creating an environment for a Snowflake data warehouse, you can choose to use Snowflake programmatic access tokens (PAT) for authentication. To use this authentication method, the PAT must first be generated within Snowflake, as described below. For more information, read the Snowflake documentation.

Generating the Snowflake PAT

To use PAT authentication, you must first configure a Snowflake user with the appropriate role and security policies. You will also need to generate a PAT for this user. The following SQL scripts provide examples of how to do this. You will need to modify the scripts to suit your own requirements, such as replacing the IP addresses in the network policy.

Create user, role, and schema

The GRANT statements above are examples only, to illustrate giving the new user account permissions to the needed warehouses, databases, schemas, etc. You should modify these grants to reflect your needs.

Configure security policies and apply to user

Generate the access token

Token expiration is set to 90 days in the example below, but you can adjust this as needed. You should plan token rotation and perform the rotation before the token expires, to avoid any disruption of service.