Automating Snowflake Access Token in Azure SCIM

Snowflake Wiki
Mar 24, 2023

Below is a step-by-step guide to automating the Snowflake access token for Azure AD. Without this automation, one needs to update Azure SCIM every 6 months.

  1. Create a new Logic App in the Azure portal.
  2. Add a Recurrence trigger to the Logic App that runs at the desired frequency (for example, every 6 months).
  3. Add an HTTP action to the Logic App that sends a request to the Snowflake API to generate a new access token.
  4. Add a Parse JSON action to the Logic App that extracts the new access token from the Snowflake API response.
  5. Add an Azure AD action to the Logic App that updates the Snowflake access token in the appropriate Azure AD application.
  6. Save and test the Logic App.

Here’s an example JSON schema for the HTTP action to generate a new access token in Snowflake:

{
  "type": "object",
  "properties": {
    "account": {
      "type": "string"
    },
    "username": {
      "type": "string"
    },
    "password": {
      "type": "string"
    }
  },
  "required": [
    "account",
    "username",
    "password"
  ]
}

And here’s an example JSON schema for the Parse JSON action to extract the new access token from the Snowflake API response:

{
  "type": "object",
  "properties": {
    "data": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "token": {
            "type": "string"
          }
        },
        "required": [
          "token"
        ]
      }
    }
  },
  "required": [
    "data"
  ]
}

You’ll need to modify these JSON schemas to match the specific Snowflake API you’re using to generate new access tokens.
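The Parse JSON schema above accepts an empty `data` array, so a response with no token would still pass step 4 and reach the Azure AD update in step 5. The following Python check is an added example, not code from the original post or from Snowflake or Microsoft: it enforces the schema's shape plus the missing token checks, and returns only a hash prefix so the token never lands in run logs. The function names, the one-item rule and the sample bodies are assumptions made for illustration.

```python
import hashlib
import json

class TokenResponseError(ValueError):
    """The response body does not carry exactly one usable token."""

def extract_token(raw_body: str) -> str:
    """Enforce the Parse JSON schema, plus checks the schema does not make."""
    try:
        doc = json.loads(raw_body)
    except json.JSONDecodeError as exc:
        raise TokenResponseError("response is not JSON") from exc
    if not isinstance(doc, dict) or "data" not in doc:
        raise TokenResponseError("missing required property 'data'")
    data = doc["data"]
    if not isinstance(data, list):
        raise TokenResponseError("'data' is not an array")
    # An empty array passes the page's schema, so the count is checked here.
    # Assumption: exactly one item is expected; anything else is an error.
    if len(data) != 1:
        raise TokenResponseError(f"expected 1 item in 'data', got {len(data)}")
    item = data[0]
    if not isinstance(item, dict) or not isinstance(item.get("token"), str):
        raise TokenResponseError("item lacks a string 'token'")
    token = item["token"].strip()
    if not token:
        raise TokenResponseError("'token' is empty")
    return token

def fingerprint(token: str) -> str:
    """SHA-256 prefix for run logs, so the token itself is never written out."""
    return hashlib.sha256(token.encode("utf-8")).hexdigest()[:12]

def check_response(raw_body: str) -> dict:
    """Log-safe verdict for one response body."""
    try:
        token = extract_token(raw_body)
    except TokenResponseError as exc:
        return {"ok": False, "reason": str(exc)}
    return {"ok": True, "fingerprint": fingerprint(token)}

if __name__ == "__main__":
    # Constructed sample bodies; the token value is a placeholder.
    for body in ('{"data": [{"token": "PLACEHOLDER-TOKEN"}]}', '{"data": []}',
                 '{"data": [{"token": ""}]}', '<html>login page</html>'):
        print(check_response(body))
```

Only when the verdict is `ok` should the run continue to the Azure AD update; a failed verdict should stop the run and leave the existing token in place.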

References:

https://docs.snowflake.com/en/guides-overview-secure

Snowflake Basics | Features | New releases | Tricks & Tips | SnowPro Certifications | Solutions | Knowledge Sharing | ~~~ By satitiru (Snowflake DataSuperHero)