Count
count.co
  • Getting Started
    • What is Count?
    • Count FAQ
    • Intro to your workspace
    • Example canvases
    • Getting started guides
      • Set up your workspace and projects
        • 1. Review workspace settings
        • 2. Create and organise your projects
      • Canvas orientation
      • Your first ad hoc analysis
        • 1. Examples and templates
        • 2. Build your first queries
        • 3. Create visuals
        • 4. Caching, local cells and scheduling
        • 5. Collaborating with a stakeholder
      • Your first report
        • 1. Examples and templates
        • 2. Filters and control cells
        • 3. Sharing your report
        • 4. Alerts
  • Connect your data
    • Database connection overview
      • Athena
      • Azure Synapse
      • BigQuery
      • Databricks
      • Microsoft SQL Server
      • MySQL
      • PostgreSQL
      • Redshift
      • Snowflake
    • Refresh database schema
    • Upload CSV files
    • dbt integration
      • ☁️dbt Cloud integration
      • 👩‍💻dbt Core integration
  • Import & Export
    • Import from other tools
      • Import Miro files
      • Import SQL files
      • Import Google Sheets
      • Import Jupyter notebooks
    • Export code and results
      • Export compiled SQL and Jinja-SQL
      • Export CSV files
      • Export images and PDF files
  • THE CANVAS
    • Navigating the canvas
      • Canvas tool bar
      • Data sidebar
      • Customizing the canvas
    • Canvas objects
      • Cells
      • Text and markdown
      • Shapes and tools
      • Sticky notes
      • Frames
      • Images
      • Embeds
      • Stamps
      • Grouping objects
      • Object order and alignment
      • Locking objects
      • Scaling objects
      • Shared styles
    • Overviews
    • Templates
    • Count AI
    • Alerts and subscriptions
      • Slack integration
    • Keyboard shortcuts
  • Querying data
    • Cells overview
      • Dynamic query compilation engine
    • SQL cells
      • Referencing other cells
      • Jinja templating
      • SQL formatting
    • Python cells
    • Visual and low-code cells
      • Calculations in visuals and low-code cells
      • Joins in visuals and low-code cells
    • Control cells
      • Single and multiple selects
      • Date controls
      • Text, number, and boolean controls
      • Custom control cells
    • Local DuckDB cells
      • DuckDB on the server
    • Query caching and scheduling
    • Manage queries and results
    • Troubleshooting
  • Visualizing data
    • Visualization overview
    • Templated visuals
    • Custom visuals
      • Marks
      • Facet
      • Subplots
      • Style
      • Filters
    • Formatting a visual
      • Axes
        • Secondary Axis
      • Colors and labels
      • Legends
      • Tooltips
    • Column summaries
    • Dynamic text
    • Every Visual Under the Sun
  • Presenting and Reporting
    • Reports and Slides
  • Count Metrics
    • Intro to Count Metrics
    • Build and edit a catalog
    • Views
      • Creating views
      • Customizing views
    • Datasets
      • Creating datasets
    • Save changes to the catalog
      • Catalog validation
      • Version control
    • Exposing catalogs to the workspace
    • Caching in Count Metrics
    • Using the catalog
      • Explore from cell
  • Sharing and Permissions
    • Real-time collaboration
    • Comments
    • Sharing permissions
    • Shared links
    • Embedding canvases
  • History and Versions
    • Version control
    • Duplicating and merging
    • Data snapshots
  • Settings and administration
    • Workspace settings
      • Workspace members
      • Groups
      • Tags
      • Billing
      • Single sign-on (SSO)
        • Okta
        • Entra ID
        • JumpCloud
        • Google
        • Generic OIDC
      • Brand
    • Connection settings
    • Project settings
    • User settings
    • Roles and permissions
  • Quick guides
    • Interactive control guides
      • Date ranges
      • Date groupings
      • Search
      • Select All
  • Resources
    • Join the Slack community
  • Blog
  • Security overview
  • Terms of use
  • Pricing FAQ
Powered by GitBook
On this page
  • Click "Connect a database"
  • Enter your connection details
  • Authentication options
  • Connect
  • Database access
  • Advanced settings
  • Troubleshooting
  • FAQs
  1. Connect your data
  2. Database connection overview

Snowflake

How to connect Snowflake to Count.

PreviousRedshiftNextRefresh database schema

Last updated 24 days ago

Click "Connect a database"

Enter your connection details

To enable Count to connect to your Snowflake database, you'll need your full Snowflake account name.

Note that your account name may have additional segments that identify the region and cloud platform that hosts your account.

For example:

xy12345
xy12345.eu-west-1
xy12345.eu-west-2.aws
xy12345.us-central1.gcp
xy12345.switzerland-north.azure

You can see your full account name when logged into Snowflake - it forms the first part of the URL.

For example, if your account name is

xy12345.eu-west-2.aws

then the URL will look like

https://xy12345.eu-west-2.aws.snowflakecomputing.com/...

This account also must be permitted to read the INFORMATION_SCHEMA table within this database.

Authentication options

Username and password

To connect using username and password, select this option from the Authentication options dropdown, enter the required values and click Connect.

OAuth

To create a Snowflake Security Integration you will need to be a Snowflake account administrator (users with the ACCOUNTADMIN role) or have a role with the global CREATE INTEGRATION privilege.

  1. Create a new SQL worksheet

  2. Create the Snowflake Security Integration by running the following SQL command

CREATE SECURITY INTEGRATION COUNT_OAUTH
  TYPE = OAUTH
  ENABLED = TRUE
  OAUTH_CLIENT = CUSTOM
  OAUTH_CLIENT_TYPE = 'CONFIDENTIAL'
  OAUTH_REDIRECT_URI = 'https://count.co/connection-oauth'
  OAUTH_ISSUE_REFRESH_TOKENS = TRUE
  OAUTH_REFRESH_TOKEN_VALIDITY = 2592000
  OAUTH_ENFORCE_PKCE = TRUE
  BLOCKED_ROLES_LIST = ('SYSADMIN');

Notes:

  • OAUTH_ISSUE_REFRESH_TOKENS (in seconds) is set to 30 days in the above statement. Every 30 days, Count's connection will need to be re-authorized (see below) to re-enable to the connection to Snowflake. Count recommends a value between 1 week (604800) and 90 days (7776000) to avoid the need to re-authorize too often.

SELECT SYSTEM$SHOW_OAUTH_CLIENT_SECRETS('COUNT_OAUTH');
  1. Navigate to your Count workspace, click Connect a database, and choose Snowflake.

  2. Select OAuth in the Authentication options dropdown, and enter your Account, the value obtained in step 4 for the OAUTH_CLIENT_ID.

By default, the BLOCKED_ROLES_LIST also includes the roles ACCOUNTADMIN, SECURITYADMIN, and ORGADMIN, which means users with only those roles cannot consent to using the security integration, and the authorization step on Snowflake will fail.

If the person authorizing the connection has one of these roles, please ensure that they are also assigned a reduced privilege role (e.g. ANALYST) and enter that as the value for Role.

  1. Once you have logged successfully authorized on the Snowflake side, you will be automatically redirected back to your Connect to Snowflake page in Count. You'll now be asked for the value of the OAUTH_CLIENT_SECRET obtained in step 4, your Database name, and any other optional properties you wish to configure, including the Refresh token validity (see below). Click Connect to complete the connection.

Set the value of Refresh token validity in your Count Snowflake connection to the value of OAUTH_REFRESH_TOKEN_VALIDITY to receive email reminders of when re-authorization is due.

If an error is encountered during step 8, you will need to re-authorize once again (steps 6 - 8).

Re-authorization

The refresh token obtained by Count from Snowflake during step 8 enables Count to obtain a short lived (10 minutes) session token from Snowflake to, amongst other things, run queries against your database. This refresh token itself has an expiry given by the value of OAUTH_REFRESH_TOKEN_VALIDITY set above. The connection will therefore need to be re-authorized whenever it is due to expire.

Navigate to your Snowflake connection settings page, and click Re-authorize to regenerate a new refresh token (steps 6 - 8 above).

Connect

Once you have connected you will see your connection details including a full list of tables accessible with this connection.

Database access

By default, you are able to query any table in the Snowflake database (limited by the supplied credentials). You are also able to query tables in other databases as long as the credentials have access to those databases, though they do not appear in the Count UI.

If table access is restricted within a Count project, then canvases in that project will be unable to query tables outside of this Snowflake database.

Advanced settings

The Snowflake connection in Count supports a number of advanced settings:

  • Max concurrent connections - Set the maximum number of simultaneous connections between Count and your database. If your database has a lower limit than the value set here, then the lower limit will take precedence.

  • Query timeout - queries executed from Count will be automatically aborted after this length of time.

Troubleshooting

If you have a network policy defined which whitelists connections based on IP address, you may need to allow connections to the following IP addresses for Count to establish a connection:

34.107.75.117
35.198.189.90
35.234.110.177
104.155.13.208

FAQs

What do I do if we have MFA enabled?

To connect using OAuth, you must first create a .

Navigate to the (or other Snowflake client)

Once created, retrieve the OAUTH_CLIENT_ID and OAUTH_CLIENT_SECRET parameters using the

When you click Authorize, you will be redirected to your usual Snowflake login flow. Please not that certain roles are from authorizing using this flow. Please contact Snowflake support should you have further questions.

The most common issue when connecting to Snowflake is getting the account name correct. You can find more information about your account name in the .

You'll need to authenticate using .

If you are having trouble connecting, to us to schedule a help session

Snowflake Security Integration
Snowflake UI console
following statement
blocked
Snowflake documentation
reach out
OAuth