Schema:

ACCOUNT_USAGE

USERS view¶

This Account Usage view can be used to query a list of all users in the account. The data is retained for 365 days (1 year).

Columns¶

Note

To view the TYPE and HAS_MFA columns, you must enable the 2024_06 behavior change bundle in your account.

To enable this bundle in your account, execute the following statement:

SELECT SYSTEM$ENABLE_BEHAVIOR_CHANGE_BUNDLE('2024_06');
Copy

Column Name

Data Type

Description

USER_ID

NUMBER

Internal/system-generated identifier for the user.

NAME

VARCHAR

A unique identifier for the user.

CREATED_ON

TIMESTAMP_LTZ

Date and time (in the UTC time zone) when the user’s account was created.

DELETED_ON

TIMESTAMP_LTZ

Date and time (in the UTC time zone) when the user’s account was deleted.

LOGIN_NAME

VARCHAR

Name that the user enters to log into the system.

DISPLAY_NAME

VARCHAR

Name displayed for the user in the Snowflake web interface.

FIRST_NAME

VARCHAR

First name of the user.

LAST_NAME

VARCHAR

Last name of the user.

EMAIL

VARCHAR

Email address for the user.

MUST_CHANGE_PASSWORD

BOOLEAN

Specifies whether the user is forced to change their password on their next login.

HAS_PASSWORD

BOOLEAN

Specifies whether a password was created for the user.

COMMENT

VARCHAR

Comment for the user.

DISABLED

VARIANT

Specified whether the user account is disabled preventing the user from logging in to the Snowflake and running queries.

SNOWFLAKE_LOCK

VARIANT

Specifies whether a temporary lock has been placed on the user’s account.

DEFAULT_WAREHOUSE

VARCHAR

The virtual warehouse that is active by default for the user’s session upon login.

DEFAULT_NAMESPACE

VARCHAR

The namespace (database only or database and schema) that is active by default for the user’s session upon login.

DEFAULT_ROLE

VARCHAR

The role that is active by default for the user’s session upon login.

EXT_AUTHN_DUO

VARIANT

Specifies whether Duo Security is enabled for the user, which requires the user to use MFA (multi-factor authorization) for login.

EXT_AUTHN_UID

VARCHAR

The authorization ID used for Duo Security.

BYPASS_MFA_UNTIL

TIMESTAMP_LTZ

The number of minutes to temporarily bypass MFA for the user.

LAST_SUCCESS_LOGIN

TIMESTAMP_LTZ

Date and time (in the UTC time zone) when the user last logged in to the Snowflake.

EXPIRES_AT

TIMESTAMP_LTZ

The date and time when the user’s status is set to EXPIRED and the user can no longer log in. This is useful for defining temporary users (e.g. users who should only have access to Snowflake for a limited time period).

LOCKED_UNTIL_TIME

TIMESTAMP_LTZ

Specifies the number of minutes until the temporary lock on the user login is cleared.

HAS_RSA_PUBLIC_KEY

BOOLEAN

Specifies whether RSA public key used for key pair authentication has been set up for the user.

PASSWORD_LAST_SET_TIME

TIMESTAMP_LTZ

The timestamp on which the last non-null password was set for the user. Default to null if no password has been set yet or if Snowflake is unable to determine the timestamp for the user before the inclusion of this column.

OWNER

VARCHAR

Specifies the role with the OWNERSHIP privilege on the object.

DEFAULT_SECONDARY_ROLE

VARCHAR

Specifies the default secondary role for the user (i.e. ALL) or NULL if not set.

TYPE

VARCHAR

Specifies the type of user. PERSON, SERVICE, LEGACY_SERVICE, or NULL. Default: NULL. For more information about types of users, see the TYPE object property of users [1].

HAS_MFA

BOOLEAN

Specifies whether the user is enrolled for multi-factor authentication [1].

Usage notes¶

  • Latency for the view may be up to 120 minutes (2 hours).

  • The LAST_SUCCESS_LOGIN column may have a value that differs from the last_success_login column in the SHOW USERS command output because of different methodologies used to record near-real-time and historical logins. The column might have a NULL value if the login history data for the user is outside the one-year retention period of historical data.

Internal Snowflake User for Snowsight¶

The first time Snowsight is accessed in an account, Snowflake creates an internal WORKSHEETS_APP_USER user to support the web interface. This user is used to cache query results in an internal stage in an account. For more information, see Getting started with Snowsight.