ALTER APPLICATION SET SPECIFICATIONS¶

Creates or updates an app specification for a Snowflake Native App.

Note

This command can only be used by a Snowflake Native App.

See also:: ALTER APPLICATION, ALTER APPLICATION … { APPROVE | DECLINE} SPECIFICATION, ALTER APPLICATION DROP SPECIFICATION

Syntax¶

External access integration¶

ALTER APPLICATION SET SPECIFICATION <app_spec_name>
  TYPE = EXTERNAL_ACCESS
  LABEL = '<label>'
  DESCRIPTION = '<description>'
  { HOST_PORTS | PRIVATE_HOST_PORTS } = ( '<value>' [, '<value>', ... ] )

Copy

Security integration (CLIENT_CREDENTIALS)¶

ALTER APPLICATION SET SPECIFICATION <app_spec_name>
    TYPE = SECURITY_INTEGRATION
    LABEL = '<string_literal>'
    DESCRIPTION = '<string_literal>'
    OAUTH_TYPE = 'CLIENT_CREDENTIALS'
    OAUTH_TOKEN_ENDPOINT = '<string_literal>'
    OAUTH_ALLOWED_SCOPES = ( '<scope>' [ , '<scope>' ... ] );

Copy

Security integration (AUTHORIZATION_CODE)¶

ALTER APPLICATION SET SPECIFICATION <app_spec_name>
  TYPE = SECURITY_INTEGRATION
  LABEL = '<string_literal>'
  DESCRIPTION = '<string_literal>'
  OAUTH_TYPE = 'AUTHORIZATION_CODE'
  OAUTH_TOKEN_ENDPOINT = '<string_literal>'
  [ OAUTH_AUTHORIZATION_ENDPOINT = '<string_literal>' ]
  [ OAUTH_ALLOWED_SCOPES = ( '<scope>' [ , '<scope>' ... ] ) ];

Copy

Security integration (JWT_BEARER)¶

ALTER APPLICATION SET SPECIFICATION <app_spec_name>
  TYPE = SECURITY_INTEGRATION
  LABEL = '<string_literal>'
  DESCRIPTION = '<string_literal>'
  OAUTH_TYPE = 'JWT_BEARER'
  OAUTH_TOKEN_ENDPOINT = '<string_literal>'
  [ OAUTH_AUTHORIZATION_ENDPOINT = '<string_literal>' ]
  [ OAUTH_ALLOWED_SCOPES = ( '<scope>' [ , '<scope>' ... ] ) ];

Copy

General parameters¶

app_spec_name

Identifier for the app specification.

TYPE = {EXTERNAL_ACCESS | SECURITY_INTEGRATION}

Specifies the type of app specification. Supported values are:

LABEL = 'label'

Specifies a label for the app specification. This label is the name of the app specification that is visible to the consumer. Each app specification must have a unique label.

DESCRIPTION = 'description'

Specifies a description of the app specification. Snowflake recommends including information about the app specification type and why it is required by the app.

External access integration parameters¶

HOST_PORTS | PRIVATE_HOST_PORTS = ( 'value' [ , 'value', ... ] ): Specifies a list of host ports or private host ports that the app can connect to. These ports are used by external access integrations.

Security integration parameters - CLIENT_CREDENTIALS¶

OAUTH_TYPE = 'CLIENT_CREDENTIALS': Specifies the type of security integration for external API Authentication. See CREATE SECURITY INTEGRATION (External API Authentication) for more information.
OAUTH_TOKEN_ENDPOINT = 'string_literal': Specifies the token endpoint used by the client to obtain an access token by presenting its authorization grant or refresh token. See CREATE SECURITY INTEGRATION (External API Authentication) for more information.
OAUTH_ALLOWED_SCOPES = ( 'scope' [ , 'scope' ... ] ): Specifies a comma-separated list of scopes, with single quotes surrounding each scope, to use when making a request from the OAuth by a role with USAGE on the integration during the OAuth client credentials flow. See CREATE SECURITY INTEGRATION (External API Authentication) for more information.
OAUTH_ACCESS_TOKEN_VALIDITY = integer: Specifies the default lifetime of the OAuth access token (in seconds) issued by an OAuth server. See CREATE SECURITY INTEGRATION (External API Authentication) for more information.

Security integration parameters - AUTHORIZATION_CODE¶

OAUTH_TYPE = 'AUTHORIZATION_CODE': Specifies the type of security integration for external API Authentication. See CREATE SECURITY INTEGRATION (External API Authentication) for more information.
OAUTH_TOKEN_ENDPOINT = 'string_literal': Specifies the token endpoint used by the client to obtain an access token by presenting its authorization grant or refresh token. See CREATE SECURITY INTEGRATION (External API Authentication) for more information.
OAUTH_AUTHORIZATION_ENDPOINT = 'string_literal': Specifies the URL for authenticating to the external service. See CREATE SECURITY INTEGRATION (External API Authentication) for more information.
OAUTH_ACCESS_TOKEN_VALIDITY = integer: Specifies the default lifetime of the OAuth access token (in seconds) issued by an OAuth server. See CREATE SECURITY INTEGRATION (External API Authentication) for more information.
OAUTH_REFRESH_TOKEN_VALIDITY = integer: Specifies the default lifetime of the OAuth refresh token (in seconds) issued by an OAuth server. See CREATE SECURITY INTEGRATION (External API Authentication) for more information.

Security integration parameters - JWT_BEARER¶

OAUTH_TYPE = 'JWT_BEARER': Specifies the type of security integration for external API Authentication. See CREATE SECURITY INTEGRATION (External API Authentication) for more information.
OAUTH_TOKEN_ENDPOINT = 'string_literal': Specifies the token endpoint used by the client to obtain an access token by presenting its authorization grant or refresh token. See CREATE SECURITY INTEGRATION (External API Authentication) for more information.
OAUTH_AUTHORIZATION_ENDPOINT = 'string_literal': Specifies the URL for authenticating to the external service. See CREATE SECURITY INTEGRATION (External API Authentication) for more information.
OAUTH_REFRESH_TOKEN_VALIDITY = integer: Specifies the default lifetime of the OAuth refresh token (in seconds) issued by an OAuth server. See CREATE SECURITY INTEGRATION (External API Authentication) for more information.

Usage notes¶

To use this command, providers must ensure that the manifest file of the app uses manifest_version = 2.