Skip to content
Scalekit Docs
Talk to an Engineer Dashboard

Snowflake Key Pair Auth

Bearer Token dataanalytics

Snowflake Key Pair Auth

What you can do

Section titled “What you can do”

Connect this agent connector to let your agent:

  • Warehouses show — Run SHOW WAREHOUSES
  • Keys show primary, show imported exported — Run SHOW PRIMARY KEYS with optional scope
  • Grants show — Run SHOW GRANTS in common modes (to role, to user, of role, on object)
  • Schemas show databases — Run SHOW DATABASES or SHOW SCHEMAS
  • Get get — Query INFORMATION_SCHEMA.TABLES for table metadata in a Snowflake database
  • Query cancel — Cancel a running Snowflake SQL API statement by statement handle

Authentication

Section titled “Authentication”

This connector uses Bearer Token authentication. Scalekit securely stores the token and injects it into API requests on behalf of your users. Your agent code never handles tokens directly — you only pass a connectionName and a user identifier.

Code examples

Connect a user’s Snowflake account using key-pair authentication and make API calls on their behalf — Scalekit handles token management automatically.

Don’t worry about your Snowflake account domain in the path. Scalekit automatically resolves {{domain}} from the connected account’s configuration. For example, a request with path="/api/v2/statements" will be sent to https://myorg-myaccount.snowflakecomputing.com/api/v2/statements automatically.

Proxy API Calls

import { ScalekitClient } from '@scalekit-sdk/node';
import 'dotenv/config';


const connectionName = 'snowflakekeyauth'; // get your connection name from connection configurations
const identifier = 'user_123';             // your unique user identifier


// Get your credentials from app.scalekit.com → Developers → Settings → API Credentials
const scalekit = new ScalekitClient(
  process.env.SCALEKIT_ENV_URL,
  process.env.SCALEKIT_CLIENT_ID,
  process.env.SCALEKIT_CLIENT_SECRET
);
const actions = scalekit.actions;


// Authenticate the user
const { link } = await actions.getAuthorizationLink({
  connectionName,
  identifier,
});
console.log('🔗 Authorize Snowflake:', link); // present this link to your user for authorization, or click it yourself for testing
process.stdout.write('Press Enter after authorizing...');
await new Promise(r => process.stdin.once('data', r));


// Make a request via Scalekit proxy
const result = await actions.request({
  connectionName,
  identifier,
  path: '/api/v2/statements',
  method: 'POST',
  body: { statement: 'SELECT CURRENT_USER()', timeout: 60 },
});
console.log(result);

Tool list

Section titled “Tool list”
snowflakekeyauth_cancel_query Cancel a running Snowflake SQL API statement by statement handle. 2 params

Cancel a running Snowflake SQL API statement by statement handle.

Name Type Required Description
statement_handle string required Snowflake statement handle to cancel
request_id string optional Optional request ID used when the statement was submitted
snowflakekeyauth_execute_query Execute one or more SQL statements against Snowflake using the SQL API. Requires a valid Snowflake OAuth2 connection. Use semicolons to submit multiple statements. 12 params

Execute one or more SQL statements against Snowflake using the SQL API. Requires a valid Snowflake OAuth2 connection. Use semicolons to submit multiple statements.

Name Type Required Description
statement string required SQL statement to execute. Use semicolons to send multiple statements in one request.
async boolean optional Execute statement asynchronously and return a statement handle
bindings object optional Bind variables object for '?' placeholders in the SQL statement
database string optional Database to use when executing the statement
nullable boolean optional When false, SQL NULL values are returned as the string "null"
parameters object optional Statement-level Snowflake parameters as a JSON object
request_id string optional Unique request identifier (UUID) used for idempotent retries
retry boolean optional Set true when resubmitting a previously sent request with the same request_id
role string optional Role to use when executing the statement
schema string optional Schema to use when executing the statement
timeout integer optional Maximum number of seconds to wait for statement execution
warehouse string optional Warehouse to use when executing the statement
snowflakekeyauth_get_columns Query INFORMATION_SCHEMA.COLUMNS for column metadata. 7 params

Query INFORMATION_SCHEMA.COLUMNS for column metadata.

Name Type Required Description
database string required Database name
column_name_like string optional Optional column name pattern
limit integer optional Maximum rows
role string optional Optional role
schema string optional Optional schema filter
table string optional Optional table filter
warehouse string optional Optional warehouse
snowflakekeyauth_get_query_partition Get a specific result partition for a Snowflake SQL API statement. 3 params

Get a specific result partition for a Snowflake SQL API statement.

Name Type Required Description
partition integer required Partition index to fetch (0-based)
statement_handle string required Snowflake statement handle returned by Execute Query
request_id string optional Optional request ID used when the statement was submitted
snowflakekeyauth_get_query_status Get Snowflake SQL API statement status and first partition result metadata by statement handle. 2 params

Get Snowflake SQL API statement status and first partition result metadata by statement handle.

Name Type Required Description
statement_handle string required Snowflake statement handle returned by Execute Query
request_id string optional Optional request ID used when the statement was submitted
snowflakekeyauth_get_referential_constraints Query INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS. 6 params

Query INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS.

Name Type Required Description
database string required Database name
limit integer optional Maximum rows
role string optional Optional role
schema string optional Optional schema filter
table string optional Optional table filter
warehouse string optional Optional warehouse
snowflakekeyauth_get_schemata Query INFORMATION_SCHEMA.SCHEMATA for schema metadata. 5 params

Query INFORMATION_SCHEMA.SCHEMATA for schema metadata.

Name Type Required Description
database string required Database name
limit integer optional Maximum rows
role string optional Optional role
schema_like string optional Optional schema pattern
warehouse string optional Optional warehouse
snowflakekeyauth_get_table_constraints Query INFORMATION_SCHEMA.TABLE_CONSTRAINTS. 7 params

Query INFORMATION_SCHEMA.TABLE_CONSTRAINTS.

Name Type Required Description
database string required Database name
constraint_type string optional Optional constraint type filter
limit integer optional Maximum rows
role string optional Optional role
schema string optional Optional schema filter
table string optional Optional table filter
warehouse string optional Optional warehouse
snowflakekeyauth_get_tables Query INFORMATION_SCHEMA.TABLES for table metadata in a Snowflake database. 6 params

Query INFORMATION_SCHEMA.TABLES for table metadata in a Snowflake database.

Name Type Required Description
database string required Database name
limit integer optional Maximum number of rows
role string optional Optional role
schema string optional Optional schema filter
table_name_like string optional Optional table name pattern
warehouse string optional Optional warehouse
snowflakekeyauth_show_databases_schemas Run SHOW DATABASES or SHOW SCHEMAS. 5 params

Run SHOW DATABASES or SHOW SCHEMAS.

Name Type Required Description
object_type string required Object type to show
database_name string optional Optional database scope for SHOW SCHEMAS
like_pattern string optional Optional LIKE pattern
role string optional Optional role
warehouse string optional Optional warehouse
snowflakekeyauth_show_grants Run SHOW GRANTS in common modes (to role, to user, of role, on object). 7 params

Run SHOW GRANTS in common modes (to role, to user, of role, on object).

Name Type Required Description
grant_view string required SHOW GRANTS variant
object_name string optional Object name for on_object
object_type string optional Object type for on_object
role string optional Optional execution role
role_name string optional Role name (for to_role/of_role)
user_name string optional User name (for to_user)
warehouse string optional Optional warehouse
snowflakekeyauth_show_imported_exported_keys Run SHOW IMPORTED KEYS or SHOW EXPORTED KEYS for a table. For reliable execution in this environment, use fully-qualified scope (database_name + schema_name + table_name). 6 params

Run SHOW IMPORTED KEYS or SHOW EXPORTED KEYS for a table. For reliable execution in this environment, use fully-qualified scope (database_name + schema_name + table_name).

Name Type Required Description
key_direction string required Which command to run
table_name string required Table name (use with schema_name and database_name for fully-qualified scope)
database_name string optional Optional database name (recommended with schema_name)
role string optional Optional role
schema_name string optional Optional schema name (recommended with database_name)
warehouse string optional Optional warehouse
snowflakekeyauth_show_primary_keys Run SHOW PRIMARY KEYS with optional scope. When using schema_name (or schema_name + table_name), database_name is required for fully-qualified scope. 5 params

Run SHOW PRIMARY KEYS with optional scope. When using schema_name (or schema_name + table_name), database_name is required for fully-qualified scope.

Name Type Required Description
database_name string optional Optional database name for scope (required when schema_name is set)
role string optional Optional role
schema_name string optional Optional schema name for scope
table_name string optional Optional table name for scope
warehouse string optional Optional warehouse
snowflakekeyauth_show_warehouses Run SHOW WAREHOUSES. 3 params

Run SHOW WAREHOUSES.

Name Type Required Description
like_pattern string optional Optional LIKE pattern
role string optional Optional role
warehouse string optional Optional warehouse