With Snowflake OAuth you can give every member of your Deepnote workspace their own set of credentials. You can ensure higher security by using short-lived tokens and enabling the use of multi-factor authentication. Follow the principle of least privilege and use granular access control for various Snowflake resources to ensure everyone can only access the data they need.
This section provides step by step instructions for setting up Snowflake OAuth authentication for use in Deepnote.
Please navigate to the Snowflake console (i.e., Snowsight) and create a security integration by running this code:
create security integration oauth_deepnote type=oauth enabled=true oauth_client=CUSTOM oauth_client_type='CONFIDENTIAL' oauth_redirect_uri='https://deepnote.com/auth/snowflake/native-callback' oauth_issue_refresh_tokens=true oauth_refresh_token_validity=86400;
Run the following code and note the Client ID returned in the output. We will refer to it as
OAUTH_CLIENT_IDin the following steps.
describe security integration oauth_deepnote;
Run the following code to print the Client Secret. We will refer to it as
OAUTH_CLIENT_SECRETin subsequent steps.
After heading back to Deepnote, create a Snowflake integration as described in our main Snowflake docs.
Select Snowflake OAuth as the authentication method and enter your
OAUTH_CLIENT_SECRETinto the Client ID and Client Secret fields, respectively.
Lastly, click "Create integration".