- Categories:
System functions (System Information)
SYSTEM$ISSUE_ WORKLOAD_ IDENTITY_ FEDERATION_ TOKEN¶
Returns an ID token that a Snowflake workload can send to an external service for authentication purposes.
For more information about using this function, see Workload identity federation for Snowflake workloads that access external services.
Syntax¶
Arguments¶
'workload_identity_secret'Fully qualified name of the secret that was created for the Snowflake workload that is authenticating with workload identity federation.
The type of the secret must be
WORKLOAD_IDENTITY_FEDERATION.'audience'Specifies the audience of the ID token in JSON format. The function uses this value to set the
audclaim of the ID token.The audience is specified in the following format:
Returns¶
Returns an encoded ID token that conforms to the OIDC specification.
Examples¶
Generate an ID token for the workload that created the my_workload secret so it could authenticate with workload identity federation.
The workload intends to send the ID token to the service identified by example_cloud_service.com.