Snowflake

CARTO can connect to your Snowflake Data Warehouse, allowing you to use your data for building Maps and Workflows. There are two methods available for connecting to Snowflake:

OAuth (recommended): Users authenticate into Snowflake using their individual Snowflake credentials, generating an access token for each user. This process enables the enforcement of user-specific access control policies for shared connections. This is the recommended setup, but it needs to be configured first by an admin.
Username and password: CARTO will use these credentials to impersonate that user or service account. This is the quickest method to connect to Snowflake.

CARTO is a fully cloud-native platform that runs queries on your behalf to power maps, workflows, etc. We never create or maintain any copies of your data.

What it means to be fully cloud native.

Connecting to Snowflake via OAuth

CARTO supports connecting to Snowflake with OAuth using one of the following options:

Initial setup required

To connect to Snowflake using OAuth, the organization admin must first set up a Snowflake OAuth integration in CARTO. Once this is done, OAuth for Snowflake will be available to all users within the organization. Read more about setting up a Snowflake OAuth integration.

To connect to Snowflake using OAuth, simply click on Setup connection with OAuth. This will initiate an authentication flow where you can enter your individual credentials. Once authenticated, you will be asked to provide consent for CARTO to access your Snowflake data on your behalf.

If the OAuth connection is successful, you'll be taken to a form where the Snowflake user and Account name are already pre-filled. To complete the connection setup, provide the following details:

Connection name: To identify the connection in CARTO.
Database: The Snowflake database your connection will use when running queries.
Warehouse (optional): The Snowflake warehouse your connection will use when running queries. This parameter is optional.

Once you provide these details, the Connect button at the top right corner will become enabled. Click it and CARTO will validate your setup. If the setup is correct and the connection is successful, the connection will be added to the workspace and you can start using it right away.

OAuth connections are tied to an individual's personal credentials. They can be shared, but other users must authenticate using their own credentials to gain access. For more information, see Requiring viewer credentials on shared connections.

Advanced options

Analytics Toolbox location: This setting controls the location of the Analytics Toolbox used in SQL queries generated by Workflows components, Builder SQL Analyses, 'Create Tileset', 'Geocode Table' and 'Enrich Data' functionalities. By default, CARTO.CARTO will be used.
Data Observatory location: This settings controls the location of the Data Observatory subscriptions. This setting will be observed by Data Explorer, Workflows and Enrichment to access your data subscriptions. By default, CARTO-DATA.CARTOwill be used.
Workflows temp. location: This setting controls the location (DATABASE.SCHEMA) where Workflows will create temporal tables for each node. By default, it's a WORKFLOWS_TEMP schema that will be created in the connection's project during the execution of a workflow. Learn more about it here.
Max number of concurrent queries: This setting controls the maximum number of simultaneous queries that CARTO will send to Snowflake using this connection.
Max query timeout: This setting controls the maximum allowed duration of queries that CARTO runs in Snowflake using this connection.

Requiring viewer credentials

Connections to Snowflake using OAuth can be set up to require viewer credentials. This means that when the connection is shared, other users trying to access it will have to provide their own credentials to use it, instead of using the credentials of the user that created the connection.

For more information, see Requiring viewing credentials for shared connections.

Connecting to Snowflake with Username and Password

CARTO supports connecting to Snowflake with the username and password of a user or a service account. These are the parameters you need to provide:

Connection name: To identify the connection in CARTO.
Username
Password
Account name: The Snowflake account identifier, following this format: <account_name>.snowflakecomputing.com. Alternatively, you can provide the full Account URL here (i.e. https://test.us-east-2.aws.snowflakecomputing.com).
Warehouse (optional): The Snowflake warehouse your connection will use when running queries. This parameter is optional.
Database: The Snowflake database your connection will use when running queries.
Role: The Snowflake role your connection will use when running queries.

IP Whitelisting

If you're using the cloud version of CARTO (SaaS), CARTO will connect to Snowflake using a set of static IPs for each region. Check this guide to find the IPs you need to allow for your specific region.

PreviousGoogle BigQuery NextAmazon Redshift

Last updated 22 days ago

Connecting to Snowflake via OAuth

CARTO supports connecting to Snowflake with OAuth using one of the following options:

Initial setup required

If the OAuth connection is successful, you'll be taken to a form where the Snowflake user and Account name are already pre-filled. To complete the connection setup, provide the following details:

Connection name: To identify the connection in CARTO.

Database: The Snowflake database your connection will use when running queries.

Warehouse (optional): The Snowflake warehouse your connection will use when running queries. This parameter is optional.

Advanced options

Analytics Toolbox location: This setting controls the location of the Analytics Toolbox used in SQL queries generated by Workflows components, Builder SQL Analyses, 'Create Tileset', 'Geocode Table' and 'Enrich Data' functionalities. By default, CARTO.CARTO will be used.

Data Observatory location: This settings controls the location of the Data Observatory subscriptions. This setting will be observed by Data Explorer, Workflows and Enrichment to access your data subscriptions. By default, CARTO-DATA.CARTOwill be used.

Workflows temp. location: This setting controls the location (DATABASE.SCHEMA) where Workflows will create temporal tables for each node. By default, it's a WORKFLOWS_TEMP schema that will be created in the connection's project during the execution of a workflow. Learn more about it here.

Max number of concurrent queries: This setting controls the maximum number of simultaneous queries that CARTO will send to Snowflake using this connection.

Max query timeout: This setting controls the maximum allowed duration of queries that CARTO runs in Snowflake using this connection.

Requiring viewer credentials

Connecting to Snowflake with Username and Password

CARTO supports connecting to Snowflake with the username and password of a user or a service account. These are the parameters you need to provide:

Connection name: To identify the connection in CARTO.

Username

Password

Account name: The Snowflake account identifier, following this format: <account_name>.snowflakecomputing.com. Alternatively, you can provide the full Account URL here (i.e. https://test.us-east-2.aws.snowflakecomputing.com).

Warehouse (optional): The Snowflake warehouse your connection will use when running queries. This parameter is optional.

Database: The Snowflake database your connection will use when running queries.

Role: The Snowflake role your connection will use when running queries.