Loading
About Salesforce Data 360
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Get User Credentials from Snowflake

            You are here:

            1. Salesforce Help
            2. Docs
            3. Data 360

            Get User Credentials from Snowflake

            Gather the user information and authentication details in Snowflake to create a data share target.

            These steps involve running commands in Snowflake. We recommend contacting your Snowflake admin for any troubleshooting assistance.

            1. In Snowflake, create a user for Data 360 admin or Data Aware Specialist. 
              
CREATE OR REPLACE USER  <Data 360 Admin or Data Aware Specialist> 
  PASSWORD = '<string>'
  LOGIN_NAME = <string>
  DISPLAY_NAME = <string>
  FIRST_NAME = <string>
  MIDDLE_NAME = <string>
  LAST_NAME = <string>
  EMAIL = <string>
  DEFAULT_ROLE = <Any Public Role With Low Privileges>;
              If you want to use an existing user, you can skip creating a user. Make sure that the default role isn’t ACCOUNTADMIN, SECURITYADMIN, or ORGADMIN. The user must have USAGE privileges (Read & Query) for the relevant warehouse.
            2. In Snowflake, create a security integration. 
              
CREATE OR REPLACE SECURITY INTEGRATION [IF NOT EXISTS]
  <Data Cloud_Snowflake_Security_Integration>
  TYPE = OAUTH
  OAUTH_CLIENT = CUSTOM
  OAUTH_CLIENT_TYPE = 'CONFIDENTIAL'
  OAUTH_REDIRECT_URI = 'https://login.salesforce.com/services/cdpSnowflakeOAuthCallback'
  ENABLED = TRUE 
  OAUTH_ISSUE_REFRESH_TOKENS = TRUE;

              For a Data Cloud sandbox org, the OAUTH_REDIRECT_URI is https://test.salesforce.com/services/cdpSnowflakeOAuthCallback

            3. In Snowflake, run the DESCRIBE statement to get the OAUTH_AUTHORIZATION_ENDPOINT details. 
              DESC SECURITY INTEGRATION <Data Cloud_Snowflake_Security_Integration>;
              When you create a data share target in Data 360, for Account URL, enter the value of OAUTH_AUTHORIZATION_ENDPOINT and convert any underscores to hyphens and ignore the subdirectory and subsequent parts.

              For example, if your OAuth Authorization Endpoint URL is https://nto_america_dev_instance.example.computing.com/oauth/authorize, enter https://nto-america-dev-instance.example.computing.com for the Account Url.

            4. In Snowflake, get the client credentials. 
              SELECT SYSTEM$SHOW_OAUTH_CLIENT_SECRETS( '<Data Cloud_Snowflake_Integration>');
              Use the Client ID and Client Secret to create a data share target. Share the credentials with your Data 360 admin.
             
            Loading
            Salesforce Help | Article