🎉 What's new

As a security admin managing Snowflake access, you'll want this integration because it eliminates shared credentials and centralizes authentication through your existing identity provider.

Previously, users had to manage separate Snowflake credentials or rely on service accounts. Now, Atlan connects to Snowflake using PingFederate OAuth, letting your team authenticate with their corporate identity while you maintain centralized control over access policies.

✨ Let's dig deeper

This integration uses OAuth 2.0 with PingFederate as your authorization server:

• Users authenticate once through PingFederate and access Snowflake resources without storing passwords in Atlan
• Scope-based permissions determine what each user can see and query, aligned with your existing access policies
• Token refresh happens automatically in the background, so sessions stay active without manual re-authentication
• All authentication events flow through PingFederate, giving you a single audit trail for compliance reporting
• You can revoke access instantly at the identity provider level without touching Snowflake directly

🚀 Give it a shot

Go to Governance > Connections > Snowflake and choose Snowflake OAuth and External Oauth as your authentication method. You'll need admin access in both Atlan and PingFederate to complete the setup, refer the setup guide for more information.

Verify the integration by following the below steps:

1. Open an Insights worksheet on the configured Snowflake connection.
2. Run any query. Atlan opens a Login with Snowflake (PingFederate) modal.
3. Click the login button. A new browser tab opens to your PingFederate authorization endpoint.
4. Sign in with your usual SSO credentials. The tab closes and the modal flips to Login successful.
5. Once login is successful, run your queries inside Atlan. Queries authenticate as the PingFederate-authenticated user, not as a shared service account.

📘 Refer to the to setup guide here.