Challenges Integrating OAuth with Multiple Accounts and Usernames in Snowflake

I am encountering an issue with setting up an OAuth integration in Snowflake that is accessible to multiple accounts and usernames. I have successfully created an OAuth security integration with the following SQL command:

sqlCopy code:

CREATE or REPLACE SECURITY INTEGRATION DATOX TYPE = OAUTH OAUTH_CLIENT = CUSTOM OAUTH_CLIENT_TYPE = 'PUBLIC' OAUTH_REDIRECT_URI = 'https://24b6-84-54-92-23.ngrok-free.app/callback' ENABLED = TRUE;

The integration works as expected for my account, but I am struggling to make it functional for other users and accounts within our Snowflake environment. Specifically, my objectives and challenges are:

1. Enabling Integration Across Multiple User Accounts:

   • I need to allow different users in our Snowflake environment to use this OAuth integration. However, I'm unsure how to configure the integration or the user roles to enable this.

2. User-Specific Access Control:

   • I am looking for a way to control which users can access this integration. Ideally, I want to specify access at the user level, not just the role level.

3. Best Practices and Recommendations:

   • I am seeking advice on best practices for setting up OAuth integrations in Snowflake that need to be accessed by multiple users across different accounts. Is there a standard approach or a recommended method for this type of setup?

I would appreciate any guidance or insights on how to resolve these issues and successfully implement a multi-user OAuth integration in Snowflake.

Thank you!

1. Created OAuth Security Integration:

   • Initially, created an OAuth security integration in Snowflake using the SQL command CREATE or REPLACE SECURITY INTEGRATION. This was successful for your own account.

2. Attempted Role-Based Access Control:

   • Considered using Snowflake's role-based access control to grant other users access to this integration. This might have involved granting roles like SYSADMIN or ACCOUNTADMIN usage privileges on the integration.

3. Faced Integration Scope Limitation:

   • Encountered difficulties in extending the integration's functionality to other users and accounts. The challenge was to make the OAuth integration functional beyond your own user account, to allow different users in your Snowflake environment access to the integration.