SHOW USER PROGRAMMATIC ACCESS TOKENS¶
Lists the programmatic access tokens associated with a user.
- See also:
ALTER USER … ADD PROGRAMMATIC ACCESS TOKEN (PAT) , ALTER USER … MODIFY PROGRAMMATIC ACCESS TOKEN (PAT) , ALTER USER … ROTATE PROGRAMMATIC ACCESS TOKEN (PAT) , ALTER USER … REMOVE PROGRAMMATIC ACCESS TOKEN (PAT)
Syntax¶
SHOW USER { PROGRAMMATIC ACCESS TOKENS | PATS } [ FOR USER <username> ]
You can use the keyword PATS as a shorter way of specifying the keywords PROGRAMMATIC ACCESS TOKENS.
Parameters¶
FOR USER username
Lists the programmatic access tokens for the specified user.
Default: Lists the programmatic access tokens for the current user.
Output¶
The output of the command includes the following columns, which describe the properties and metadata of the object:
The command output includes the following columns, which provide properties and metadata for each programmatic access token:
Column |
Description |
---|---|
|
The name of the programmatic access token. |
|
The username associated with the programmatic access token. If the user associated with the programmatic access token was removed from the account, then Snowflake returns the user ID instead of the username. You can find information about a removed user by using the USERS view in the ACCOUNT_USAGE schema. |
|
The name of the role that the programmatic access token inherits privileges from. |
|
The timestamp when the programmatic access token expires. |
|
The expiration status of the programmatic access token. This column can be one of the following values:
|
|
A user-provided comment about the programmatic access token. |
|
The date when the programmatic access token was created. |
|
The username or user ID of the user who created the programmatic access token. |
|
The number of minutes during which a user can use this token to access Snowflake without being subject to an active network policy. |
Access control requirements¶
A role used to execute this operation must have the following privileges at a minimum:
Privilege |
Object |
Notes |
---|---|---|
MODIFY |
User |
Required only when displaying programmatic access tokens for a user other than yourself. |
For instructions on creating a custom role with a specified set of privileges, see Creating custom roles.
For general information about roles and privilege grants for performing SQL actions on securable objects, see Overview of Access Control.
Usage notes¶
The command lists all programmatic access tokens for a given user, not all programmatic access tokens for an account.
The programmatic access token secret is never returned after creation.
Examples¶
Show information about programmatic access tokens associated with the user example_user
:
SHOW USER PROGRAMMATIC ACCESS TOKENS FOR USER example_user;