After the token is created, it is submitted in requests to the token endpoint in the Bearer authorization format as the authorization header instead of the basic authorization format.

Security administrators can pre-authorize consent for a client to initiate a session for a user using a specified role and integration. This consent is granted using ALTER USER with the ADD DELEGATED AUTHORIZATION keywords. The delegated authorization can also be revoked.

Generate a new private and public key set, assign the public key to the integration, update the code to connect to Snowflake with the new private key, and remove the old public key from the integration.

Generate an encrypted private key from the command line, create a public key referencing the private key, store these keys in a local directory, and assign the public key to the integration object using ALTER SECURITY INTEGRATION.

Snowflake supports using key pair authentication when calling the OAuth token endpoint. This method requires a 2048-bit (minimum) RSA key pair, generated using OpenSSL. The public key is assigned to the Snowflake user who uses the Snowflake client.

The client creates a secret, generates a code challenge, and holds onto the secret. When a user consents to the requested scopes, the authorization code is issued. The client submits the authorization code along with the code_verifier in the request to the token endpoint. Snowflake then verifies that the transformed code_verifier value matches the code_challenge value used when generating authorizations. If they match, access and refresh tokens are issued.

Snowflake supports Proof Key for Code Exchange (PKCE) for obtaining access tokens using the authorization_code grant type as described in RFC 7636.

The token endpoint returns access tokens or refresh tokens depending on the request parameters. The request parameters include grant type, code or refresh token, and redirect URI. The client ID and client secret must be included in the authorization header.

The scope query parameter in the initial authorization request optionally limits the operations and role permitted by the access token. The scope is validated immediately when making an authorization request with respect to semantics.

The client sends a GET request to the Snowflake's OAuth authorization endpoint with several query parameters. Once a user authorizes the client, a redirect is made to the redirect_uri that contains a short-lived authorization code in a GET request.

Snowflake supports network policies for OAuth, but no further details have been provided at the moment.

Snowflake supports using Client Redirect with Snowflake OAuth Custom Clients, including using Client Redirect and OAuth with supported Snowflake Clients.

The optional BLOCKED_ROLES_LIST parameter allows you to list Snowflake roles that a user cannot explicitly consent to using with the integration.

Only account administrators or a role with the global CREATE INTEGRATION privilege can execute the SQL command to create a Snowflake OAuth integration

On Snowflake, in-session role switching to secondary roles is not supported with Snowflake OAuth. If such behavior is necessary, use External OAuth instead

An integration in Snowflake provides an interface between Snowflake and third-party services, such as a client that supports OAuth.

You can configure OAuth in 2 quick steps

1. Register your client with Snowflake by creating an integration.
2. Configure calls to the Snowflake OAuth endpoints to request authorization codes and access tokens.

Snowflake Native Apps are a new way to build data intensive applications. Snowflake Native Apps benefit from running inside Snowflake and can be installed from the Snowflake Marketplace similar to installing an app on a smart phone. Snowflake Native Apps can read and write data to a user's database (when given permission to do so). Snowflake Native Apps can even bring in new data to their users, providing new insights.

Snowflake Native Applications provide developers a way to package applications for consumption by other Snowflake users. The Snowflake Marketplace is a central place for Snowflake users to discover and install Snowflake Native Applications.

If you go to Snowflake's official tutorial on Getting Started with Native Apps you will find a detailed explanation of how to build, distribute, deploy, monetize, and operate apps natively in the data cloud. In the next days and weeks, we will be sharing more exciting and important information around Snowflake Native Apps. Stay tuned!

We will be building a Snowflake Native Application used for inventory and supply chain management. In this scenario, we have various suppliers of raw material and our native app will use order data, shipping data, and site recovery data to intelligently determine the following:

Lead Time Status: bar chart to demonstrate real-time overview of the lead time status of the raw material procurement process.

Raw Material Inventory: bar/table view of inventory levels of the raw materials.

Purchase Order Status: pie chart display the status of all the purchase orders (shipped, in transit; completed).

Supplier Performance: bar chart group by supplier measuring the lead time, quality, and cost of raw materials delivered by each supplier.

Prerequisites:
Snowflake Trial Account
Beginner Python knowledge

What You'll Learn:
Native apps concepts
Native Apps deployment
Native Apps sharing and Marketplace Listing

What You'll Need:
A GitHub Account
VSCode Installed

What You'll Build:
A Snowflake Native Application.

Yes, Snowflake supports sequences, which are used to generate unique numeric values in a sequential order. Sequences are useful for scenarios such as generating surrogate keys for tables or creating unique identifiers for records.

In Snowflake, you can create a sequence using the CREATE SEQUENCE statement. Here's an example of creating a sequence:

sql
Copy code
CREATE SEQUENCE my_sequence;
By default, the sequence starts at 1 and increments by 1 for each new value generated. However, you can customize the sequence behavior by specifying additional options during sequence creation, such as the starting value, increment, minimum value, maximum value, and cycle behavior.

Once the sequence is created, you can retrieve the next value from the sequence using the NEXTVAL function. Here's an example:

sql
Copy code
SELECT NEXTVAL(my_sequence);
Snowflake ensures that the sequence values are generated in a concurrent-safe manner, even in a multi-user environment with high concurrency. Each user session will receive a unique value from the sequence when calling the NEXTVAL function.

Sequences in Snowflake are particularly useful when you need to generate unique, incrementing values without the need for external synchronization or coordination. They offer a reliable and scalable solution for generating sequential numeric values in a distributed data environment.

It's important to note that Snowflake sequences are not transactionally tied to specific tables. If you require sequences that are tightly integrated with table records, you can use an auto-incrementing column with the IDENTITY keyword instead.

In Snowflake, floating-point numbers (floats) are stored using a fixed-point format, rather than the IEEE 754 standard format. Snowflake uses a decimal-based fixed-point data type for precise numeric storage and calculations.

In Snowflake, floats are stored using the following fixed-point data types:

1. FLOAT:

- The FLOAT data type in Snowflake is a fixed-point numeric data type.
- It is used for representing floating-point numbers with variable precision.
- The precision and scale of a FLOAT column are specified during table creation or column definition.
- Precision refers to the total number of digits (both integer and decimal) that a FLOAT column can store.
- Scale represents the number of decimal places that can be stored in the FLOAT column.
- The precision can range from 1 to 38, and the scale can range from -84 to 127.
- The storage size for a FLOAT column depends on the specified precision and scale, and it is variable based on the value being stored.

2. DOUBLE:

- The DOUBLE data type in Snowflake is a double-precision fixed-point numeric data type.
- It provides higher precision compared to the FLOAT data type.
- DOUBLE columns have a fixed precision of 38 and a scale of -84 to 127, allowing for a wide range of numeric values with high precision.
- DOUBLE columns occupy a fixed storage size of 16 bytes.

Unlike the IEEE 754 binary-based floating-point format, Snowflake's fixed-point storage format allows for precise numeric calculations without the inherent limitations and precision issues associated with binary-based floats.

It's important to note that when working with floating-point numbers in Snowflake, you should consider the appropriate precision and scale for your specific use case to ensure accurate storage and calculations.