Snowflake-managed MCP server

Overview

Model Context Protocol (MCP), is an open-source standard that lets AI agents securely interact with business applications and external data systems, such as databases and content repositories. MCP lets enterprise businesses reduce integration challenges and quickly deliver outcomes from models. Since its launch, MCP has become foundational for agentic applications, providing a consistent and secure mechanism for invoking tools and retrieving data.

The Snowflake-managed MCP server lets AI agents securely retrieve data from Snowflake accounts without needing to deploy separate infrastructure. You can configure the MCP server to serve Cortex Analyst and Cortex Search as tools on the standards-based interface. MCP clients discover and invoke these tools, and retrieve data required for the application. With managed MCP servers on Snowflake, you can build scalable enterprise-grade applications while maintaining access and privacy controls. The MCP server on Snowflake provides:

  • Standardized integration: Unified interface for tool discovery and invocation, in compliance with the rapidly evolving standards.

  • Comprehensive authentication: Snowflake’s built-in OAuth service to enable OAuth-based authentication for MCP integrations.

  • Robust governance: Role based access control (RBAC) for the MCP server and tools to manage tool discovery and invocation.

Create an MCP Server object

Create an object, specifying the tools and other metadata. MCP clients that connect with the server, after requisite authentication, are able to discover and invoke these tools.

  1. Navigate to the desired database and schema to create the MCP server in.

  2. Create the MCP server:

    CREATE [OR REPLACE ] MCP SERVER [ IF NOT EXISTS] <server_name>
    FROM SPECIFICATION $$
        tools:
          - name: "policy-search",
            type*"": "Cortex_Search_Service_Query"
            identifier": "database1.schema1.Cortex_Search_Service1",
            description": "cortex search service for all products"
            "title": "Product Search"
    
          - name: "revenue-semantic-view",
            type: "Cortex_Search_Analyst_Message"
            identifier: "database1.schema1.Semantic_View_1",
            description: "Semantic view for all revenue tables"
            title: "Semantic view for revenue"
            config:
                  warehouse: "finance_warehouse"
    $$
    
    Copy
  3. You can use the following commands to show, describe, and drop the MCP server.

    DESCRIBE MCP SERVER <server_name>;
    
        Output:
            |      name       | database_name | schema_name |    owner     | comment |     server_spec        |               created_on               |
            ------------------------------------------------------------------------------------------------------+-------------------------------------
            | TEST_MCP_SERVER | TEST_DATABASE | TEST_SCHEMA | ACCOUNTADMIN | [NULL]  | {"version":1,"tools":[{"name":"basic_search","identifier":"db.schema.search_service","type":"CORTEX_SEARCH_SERVICE_QUERY"}]} | Fri, 23 Jun 1967 07:00:00.123000 +0000 |
    
    SHOW MCP SERVERS IN DATABASE <database_name>;
    SHOW MCP SERVERS IN SCHEMA <schema_name>;
    SHOW MCP SERVERS IN ACCOUNT;
    
         Output:
            |               created_on               |       name        | database_name | schema_name |    owner     |           comment            |
            ------------------------------------------+-------------------+---------------+-------------+--------------+------------------------------
            | Fri, 23 Jun 1967 07:00:00.123000 +0000 | TEST_MCP_SERVER   | TEST_DATABASE | TEST_SCHEMA | ACCOUNTADMIN | [NULL]                       |
            | Fri, 23 Jun 1967 07:00:00.123000 +0000 | TEST_MCP_SERVER_2 | TEST_DATABASE | TEST_SCHEMA | ACCOUNTADMIN | Test MCP server with comment |
    
    DROP MCP SERVER <server_name>;
    
    Copy

Access control

You can use the following privileges to manage access to the MCP object and the underlying tools

Privilege

Object

Description

OWNERSHIP

MCP Object

Required to update the object configuration

MODIFY

MCP Object

Provides update, drop, describe, show, and use (tools/list and tools/call) on the object configuration

USAGE

MCP Object

Required to connect with the MCP server and discover tools

USAGE

Cortex Search Service

Required to invoke the Cortex Search tool in the MCP server

USAGE

Semantic View

Required to invoke the Cortex Analyst tool in the MCP server

Setup Authentication

Configure authentication on the MCP client. The Snowflake-managed MCP server supports OAuth 2.0 aligned with the authorization recommendation in the MCP protocol.

  1. First, create the security integration:

    CREATE [ OR REPLACE ] SECURITY INTEGRATION [IF NOT EXISTS]
    
    <integration_name>
    
    TYPE = OAUTH
    
    OAUTH_CLIENT = CUSTOM
    
    OAUTH_REDIRECT_URI = '<redirect_URI>'
    
    Copy
  2. Then, call the client secrets with the integration name:

    CALL SYSTEM$SHOW_OAUTH_CLIENT_SECRETS('<integration_name>');
    
    Copy

Initialize the MCP server

After authenticating, initialize the server by issuing GET and POST calls to the following API endpoint:

POST /api/v2/databases/{database}/schemas/{schema}/mcp-servers/{name}
    {
        "jsonrpc": "2.0",
        "id": 1,
        "method": "initialize"
        "params": {}
    }

Output:

{
    "jsonrpc": "2.0", // passthrough from req
    "id": 1, // passthrough from req
    "result": {
        "proto_version": "2025-06-18",
        "capabilities": {
            "tools": {
                "listChanged": false
            }
        },
        "server_info": {
            "name": "<snowflake-mcp-name>",
            "title": "Snowflake Server: <snowflake-mcp-name>",
            "version": "1.0.0"
        }
    }
}
Copy

Discover and invoke tools

The MCP clients can discover and invoke tools with tools/list and tools/call requests.

To discover tools, issue a POST call as shown in the tools/list request:

POST /api/v2/databases/{database}/schemas/{schema}/mcp-servers/{name}
    {
        "jsonrpc": "2.0",
        "id": 1,
        "method": "tools/list",
        "params": {}
    }

Output:

{
    "jsonrpc": "2.0", // passthrough from req
    "id": 1, // passthrough from req
    "result": {
        "tools": [ // search
            {
                "name":"test-search",
                "description":"Test search tool",
                "inputSchema": {
                    "type": "object",
                    "description": "A search query and additional parameters for search.",
                    "properties": {
                        "query": {
                            "description": "Unstructured text query.  Exactly one of 'query' or 'multi_index_query' must be specified.",
                            "type": "string"
                        },
                        "columns": {
                            "description": "List of columns to return.",
                            "type": "array",
                            "items": {
                                "type": "string"
                            }
                        },
                        "filter": {
                            "description": "Filter query.",
                            "type": "object"
                        },
                        "limit": {
                            "description": "Max number of results to return.",
                            "type": "integer",
                            "default": 10
                        }
                    }
                },
                "outputSchema": {
                    "type": "object",
                    "description": "Search results.",
                    "properties": {
                        "results": {
                            "description": "List of result rows.",
                            "type": "array",
                            "items": {
                                "type": "object",
                                "additionalProperties": true,
                                "description": "Map of column names to values (as bytes)."
                            }
                        },
                    "request_id": {
                        "description": "ID of the request.",
                        "type": "string"
                    }
                },
                "required": ["results", "request_id"]
            }
          },
          { // analyst
              "name":"test",
              "description":"Test tool",
              "inputSchema": {
                  "type": "object",
                  "description": "A message and additional parameters for Cortex Analyst.",
                  "properties": {
                      "message": {
                          "description": "The user’s question.",
                          "type": "string"
                      }
                  }
              }
          }
        ]
    }
}
Copy

To invoke a tool, issue a POST call as shown in the tools/call request.

For the Analyst tool, you pass messages in the request. The SQL statement is listed as output.

POST /api/v2/databases/<database>/schemas/<schema>/mcp-servers/<name>
    {
        "jsonrpc": "2.0",
        "id": 1,
        "method": "tools/call"
        "params": {
            "name": "test-analyst",
            "arguments": {
                "Messages": "array"
            }
        }
    }

Output:

{
    jsonrpc": "2.0",
    "id": 1,
    "result": {
        "content": [
            {
                "type": "text",
                "text": "string"
            }
        ]
    }
}
Copy

For the Search tool, you can pass query, columns, filter, and limit in the request. The search results and request ID are listed as output.

POST /api/v2/databases/{database}/schemas/{schema}/mcp-servers/{name}
    {
        "jsonrpc": "2.0",
        "id": 1,
        "method": "tools/call"
        "params": {
            "name": "test-search",
            "arguments": {
                "query": "Hotels in NYC",
                "columns": array of strings,
                "filter": json,
                "limit": int
            }
        }
  }


Output:

{
    "jsonrpc": "2.0",
    "id": 1,
    "result": {
        "results": {}
    }
}
Copy

Limitations

Snowflake managed MCP server does not support the following constructs in the MCP protocol: resources, prompts, roots, notifications, version negotiations, life cycle phases, and sampling.

Only non-streaming responses are supported.