snow connection generate-jwt¶

Generate a JWT token, which will be printed out and displayed..

Syntax¶

snow connection generate-jwt
  --connection <connection>
  --host <host>
  --port <port>
  --account <account>
  --user <user>
  --password <password>
  --authenticator <authenticator>
  --private-key-file <private_key_file>
  --token-file-path <token_file_path>
  --database <database>
  --schema <schema>
  --role <role>
  --warehouse <warehouse>
  --temporary-connection
  --mfa-passcode <mfa_passcode>
  --enable-diag
  --diag-log-path <diag_log_path>
  --diag-allowlist-path <diag_allowlist_path>
  --format <format>
  --verbose
  --debug
  --silent

Copy

Arguments¶

None

Options¶

--connection, -c, --environment TEXT: Name of the connection, as defined in your config.toml file. Default: default.
--host TEXT: Host address for the connection. Overrides the value specified for the connection.
--port INTEGER: Port for the connection. Overrides the value specified for the connection.
--account, --accountname TEXT: Name assigned to your Snowflake account. Overrides the value specified for the connection.
--user, --username TEXT: Username to connect to Snowflake. Overrides the value specified for the connection.
--password TEXT: Snowflake password. Overrides the value specified for the connection.
--authenticator TEXT: Snowflake authenticator. Overrides the value specified for the connection.
--private-key-file, --private-key-path TEXT: Snowflake private key file path. Overrides the value specified for the connection.
--token-file-path TEXT: Path to file with an OAuth token that should be used when connecting to Snowflake.
--database, --dbname TEXT: Database to use. Overrides the value specified for the connection.
--schema, --schemaname TEXT: Database schema to use. Overrides the value specified for the connection.
--role, --rolename TEXT: Role to use. Overrides the value specified for the connection.
--warehouse TEXT: Warehouse to use. Overrides the value specified for the connection.
--temporary-connection, -x: Uses connection defined with command line parameters, instead of one defined in config. Default: False.
--mfa-passcode TEXT: Token to use for multi-factor authentication (MFA).
--enable-diag: Run Python connector diagnostic test. Default: False.
--diag-log-path TEXT: Diagnostic report path. Default: <temporary_directory>.
--diag-allowlist-path TEXT: Diagnostic report path to optional allowlist.
--format [TABLE|JSON]: Specifies the output format. Default: TABLE.
--verbose, -v: Displays log entries for log levels info and higher. Default: False.
--debug: Displays log entries for log levels debug and higher; debug logs contain additional information. Default: False.
--silent: Turns off intermediate output to console. Default: False.

--help: Displays the help text for this command.

Usage notes¶

The snow connection generate-jwt command generates a JWT (JSON Web Token) that you can use for key-pair authentication when connecting to Snowflake. You can use the token to connect to Snowflake from any Snowflake application, such as the SQL REST API or the Snowflake REST APIs.

Examples¶

This example generates a token for account TEST and user JDOE, using the private key from rsa_key.p8:

snow connection generate-jwt --user JDOE --account TEST --private-key-file=rsa_key.p8

Copy

The command prompts you for a private key passphrase to complete the connection. You can avoid the prompt by providing the passphrase in the PRIVATE_KEY_PASSPHRASE environment variable.