snow connection generate-jwt¶
Generate and display a JWT token.
Syntax¶
snow connection generate-jwt
--connection <connection>
--host <host>
--port <port>
--account <account>
--user <user>
--password <password>
--authenticator <authenticator>
--private-key-file <private_key_file>
--token-file-path <token_file_path>
--database <database>
--schema <schema>
--role <role>
--warehouse <warehouse>
--temporary-connection
--mfa-passcode <mfa_passcode>
--enable-diag
--diag-log-path <diag_log_path>
--diag-allowlist-path <diag_allowlist_path>
--format <format>
--verbose
--debug
--silent
Arguments¶
None
Options¶
--connection, -c, --environment TEXT
Name of the connection, as defined in your
config.toml
file. Default:default
.--host TEXT
Host address for the connection. Overrides the value specified for the connection.
--port INTEGER
Port for the connection. Overrides the value specified for the connection.
--account, --accountname TEXT
Name assigned to your Snowflake account. Overrides the value specified for the connection.
--user, --username TEXT
Username to connect to Snowflake. Overrides the value specified for the connection.
--password TEXT
Snowflake password. Overrides the value specified for the connection.
--authenticator TEXT
Snowflake authenticator. Overrides the value specified for the connection.
--private-key-file, --private-key-path TEXT
Snowflake private key file path. Overrides the value specified for the connection.
--token-file-path TEXT
Path to file with an OAuth token that should be used when connecting to Snowflake.
--database, --dbname TEXT
Database to use. Overrides the value specified for the connection.
--schema, --schemaname TEXT
Database schema to use. Overrides the value specified for the connection.
--role, --rolename TEXT
Role to use. Overrides the value specified for the connection.
--warehouse TEXT
Warehouse to use. Overrides the value specified for the connection.
--temporary-connection, -x
Uses connection defined with command line parameters, instead of one defined in config. Default: False.
--mfa-passcode TEXT
Token to use for multi-factor authentication (MFA).
--enable-diag
Run Python connector diagnostic test. Default: False.
--diag-log-path TEXT
Diagnostic report path. Default: <temporary_directory>.
--diag-allowlist-path TEXT
Diagnostic report path to optional allowlist.
--format [TABLE|JSON]
Specifies the output format. Default: TABLE.
--verbose, -v
Displays log entries for log levels
info
and higher. Default: False.--debug
Displays log entries for log levels
debug
and higher; debug logs contain additional information. Default: False.--silent
Turns off intermediate output to console. Default: False.
--help
Displays the help text for this command.
Usage notes¶
The snow connection generate-jwt
command generates a JWT (JSON Web Token) that you can use for key-pair authentication when connecting to Snowflake. You can use the token to connect to Snowflake from any Snowflake application, such as the SQL REST API or the Snowflake REST APIs.
Examples¶
This example generates a token for account TEST
and user JDOE
, using the private key from rsa_key.p8
:
snow connection generate-jwt --user JDOE --account TEST --private-key-file=rsa_key.p8
The command prompts you for a private key passphrase to complete the connection. You can avoid the prompt by providing the passphrase in the PRIVATE_KEY_PASSPHRASE
environment variable.