User

Create a user

POST/api/v2/users
Create a user according to the parameters given

Query Parameters

ParameterTypeDescription
createModestring
Query parameter allowing support for different modes of resource creation. Possible values include:
  • errorIfExists: Throws an error if you try to create a resource that already exists.
  • orReplace: Automatically replaces the existing resource with the current one.
  • ifNotExists: Creates a new resource when an alter is requested for a non-existent resource.
ParameterTypeDescription
{
  "name": "jackpatel",
  "password": "pa$$word",
  "login_name": "string",
  "display_name": "string",
  "first_name": "string",
  "middle_name": "string",
  "last_name": "string",
  "email": "string",
  "must_change_password": true,
  "disabled": true,
  "days_to_expiry": 0,
  "mins_to_unlock": 0,
  "default_warehouse": "string",
  "default_namespace": "string",
  "default_role": "string",
  "default_secondary_roles": "ALL",
  "mins_to_bypass_mfa": 0,
  "rsa_public_key": "string",
  "rsa_public_key_2": "string",
  "comment": "A distinguished user",
  "type": "string",
  "enable_unredacted_query_syntax_error": true,
  "network_policy": "string",
  "created_on": "2019-08-24T14:15:22Z",
  "last_successful_login": "2019-08-24T14:15:22Z",
  "expires_at": "2019-08-24T14:15:22Z",
  "locked_until": "2019-08-24T14:15:22Z",
  "has_password": true,
  "has_rsa_public_key": true,
  "rsa_public_key_fp": "string",
  "rsa_public_key_2_fp": "string",
  "ext_authn_duo": true,
  "ext_authn_uid": "string",
  "owner": "string",
  "snowflake_lock": false,
  "snowflake_support": false,
  "mins_to_bypass_network_policy": 0,
  "password_last_set": "2019-08-24T14:15:22Z",
  "custom_landing_page_url": "string",
  "custom_landing_page_url_flush_next_ui_load": false
}

Response

CodeDescription
200
Successful request.
{
  "status": "Request successfully completed"
}
NameType
X-Snowflake-Request-ID
202
400
401
403
404
405
408
409
410
429
500
503
504
ParameterTypeDescription
statusstringMessage returned by the server.

List users in the system

GET/api/v2/users
Lists the users in the system.

Query Parameters

ParameterTypeDescription
likestring
Query parameter to filter the command output by resource name. Uses case-insensitive pattern matching, with support for SQL wildcard characters.
startsWithstring
Query parameter to filter the command output based on the string of characters that appear at the beginning of the object name. Uses case-sensitive pattern matching.
showLimitinteger
Query parameter to limit the maximum number of rows returned by a command.
fromNamestring
Query parameter to enable fetching rows only following the first row whose object name matches the specified string. Case-sensitive and does not have to be the full name.

Response

CodeDescription
200
successful
[
  {
    "name": "jackpatel",
    "password": "pa$$word",
    "login_name": "string",
    "display_name": "string",
    "first_name": "string",
    "middle_name": "string",
    "last_name": "string",
    "email": "string",
    "must_change_password": true,
    "disabled": true,
    "days_to_expiry": 0,
    "mins_to_unlock": 0,
    "default_warehouse": "string",
    "default_namespace": "string",
    "default_role": "string",
    "default_secondary_roles": "ALL",
    "mins_to_bypass_mfa": 0,
    "rsa_public_key": "string",
    "rsa_public_key_2": "string",
    "comment": "A distinguished user",
    "type": "string",
    "enable_unredacted_query_syntax_error": true,
    "network_policy": "string",
    "created_on": "2019-08-24T14:15:22Z",
    "last_successful_login": "2019-08-24T14:15:22Z",
    "expires_at": "2019-08-24T14:15:22Z",
    "locked_until": "2019-08-24T14:15:22Z",
    "has_password": true,
    "has_rsa_public_key": true,
    "rsa_public_key_fp": "string",
    "rsa_public_key_2_fp": "string",
    "ext_authn_duo": true,
    "ext_authn_uid": "string",
    "owner": "string",
    "snowflake_lock": false,
    "snowflake_support": false,
    "mins_to_bypass_network_policy": 0,
    "password_last_set": "2019-08-24T14:15:22Z",
    "custom_landing_page_url": "string",
    "custom_landing_page_url_flush_next_ui_load": false
  }
]
NameTypeDescription
X-Snowflake-Request-IDstringUnique ID of the API request.
LinkstringLinks to the page of results (e.g. the first page, the last page, etc.). The header can include multiple 'url' entries with different 'rel' attribute values that specify the page to return ('first', 'next', 'prev', and 'last').
202
Successfully accepted the request, but it is not completed yet.
{
  "code": "392604",
  "message": "Request execution in progress. Use the provided location header or result handler ID to perform query monitoring and management."
}
NameTypeDescription
LocationstringRelative path for checking request status or getting the result, if available.
X-Snowflake-Request-ID
400Bad Request. The request payload is invalid or malformed. This happens if the application didn't send the correct request payload. The response body may include the error code and message indicating the actual cause. The application must reconstruct the request body for retry.
401Unauthorized. The request is not authorized. This happens if the attached access token is invalid or missing. The response body may include the error code and message indicating the actual cause, e.g., expired, invalid token. The application must obtain a new access token for retry.
403Forbidden. The request is forbidden. This can also happen if the request is made even if the API is not enabled.
404Not Found. The request endpoint is not valid. This happens if the API endpoint does not exist, or if the API is not enabled.
405Method Not Allowed. The request method doesn't match the supported API. This happens, for example, if the application calls the API with GET method but the endpoint accepts only POST.
408Request Timeout. This indicates that the request from the client timed out and was not completed by the server.
409Conflict. The requested operation could not be performed due to a conflicting state that could not be resolved. This usually happens when a CREATE request was performed when there is a pre-existing resource with the same name, and also without one of the options orReplace/ifNotExists.
410Gone. This error is primarily intended to assist the task of web maintenance by notifying the recipient that the resource is intentionally unavailable.
429Limit Exceeded. The number of requests hit the rate limit. The application must slow down the frequency of hitting the API endpoints.
500Internal Server Error. The server hit an unrecoverable system error. The response body may include the error code and message for further guidance. The application owner may need to reach out the customer support.
503Service Unavailable. The request was not processed due to server side timeouts. The application may retry with backoff. The jittered backoff is recommended.
504Gateway Timeout. The request was not processed due to server side timeouts. The application may retry with backoff. The jittered backoff is recommended.
ParameterTypeDescription

Fetch information about a user

GET/api/v2/users/{name}
Fetch user information using the result of the DESCRIBE command

Path Parameters

ParameterTypeDescription
namestring
Identifier (i.e. name) for the resource.

Response

CodeDescription
200
successful
{
  "name": "jackpatel",
  "password": "pa$$word",
  "login_name": "string",
  "display_name": "string",
  "first_name": "string",
  "middle_name": "string",
  "last_name": "string",
  "email": "string",
  "must_change_password": true,
  "disabled": true,
  "days_to_expiry": 0,
  "mins_to_unlock": 0,
  "default_warehouse": "string",
  "default_namespace": "string",
  "default_role": "string",
  "default_secondary_roles": "ALL",
  "mins_to_bypass_mfa": 0,
  "rsa_public_key": "string",
  "rsa_public_key_2": "string",
  "comment": "A distinguished user",
  "type": "string",
  "enable_unredacted_query_syntax_error": true,
  "network_policy": "string",
  "created_on": "2019-08-24T14:15:22Z",
  "last_successful_login": "2019-08-24T14:15:22Z",
  "expires_at": "2019-08-24T14:15:22Z",
  "locked_until": "2019-08-24T14:15:22Z",
  "has_password": true,
  "has_rsa_public_key": true,
  "rsa_public_key_fp": "string",
  "rsa_public_key_2_fp": "string",
  "ext_authn_duo": true,
  "ext_authn_uid": "string",
  "owner": "string",
  "snowflake_lock": false,
  "snowflake_support": false,
  "mins_to_bypass_network_policy": 0,
  "password_last_set": "2019-08-24T14:15:22Z",
  "custom_landing_page_url": "string",
  "custom_landing_page_url_flush_next_ui_load": false
}
NameType
X-Snowflake-Request-ID
Link
202
400
401
403
404
405
408
409
410
429
500
503
504
ParameterTypeDescription

Delete a user

DELETE/api/v2/users/{name}
Delete a user with the given name.

Query Parameters

ParameterTypeDescription
ifExistsboolean
Query parameter that specifies how to handle the request for a resource that does not exist:
  • true: The endpoint does not throw an error if the resource does not exist. It returns a 200 success response, but does not take any action on the resource.
  • false: The endpoint throws an error if the resource doesn't exist.

Response

CodeDescription
200
202
400
401
403
404
405
408
409
410
429
500
503
504

Create a (or alter an existing) user

PUT/api/v2/users/{name}
Create a (or alter an existing) user. Even if the operation is just an alter, the full property set must be provided. Note that password is not currently altered by this operation but is supported for a newly-created object.
ParameterTypeDescription
{
  "name": "jackpatel",
  "password": "pa$$word",
  "login_name": "string",
  "display_name": "string",
  "first_name": "string",
  "middle_name": "string",
  "last_name": "string",
  "email": "string",
  "must_change_password": true,
  "disabled": true,
  "days_to_expiry": 0,
  "mins_to_unlock": 0,
  "default_warehouse": "string",
  "default_namespace": "string",
  "default_role": "string",
  "default_secondary_roles": "ALL",
  "mins_to_bypass_mfa": 0,
  "rsa_public_key": "string",
  "rsa_public_key_2": "string",
  "comment": "A distinguished user",
  "type": "string",
  "enable_unredacted_query_syntax_error": true,
  "network_policy": "string",
  "created_on": "2019-08-24T14:15:22Z",
  "last_successful_login": "2019-08-24T14:15:22Z",
  "expires_at": "2019-08-24T14:15:22Z",
  "locked_until": "2019-08-24T14:15:22Z",
  "has_password": true,
  "has_rsa_public_key": true,
  "rsa_public_key_fp": "string",
  "rsa_public_key_2_fp": "string",
  "ext_authn_duo": true,
  "ext_authn_uid": "string",
  "owner": "string",
  "snowflake_lock": false,
  "snowflake_support": false,
  "mins_to_bypass_network_policy": 0,
  "password_last_set": "2019-08-24T14:15:22Z",
  "custom_landing_page_url": "string",
  "custom_landing_page_url_flush_next_ui_load": false
}

Response

CodeDescription
200
202
400
401
403
404
405
408
409
410
429
500
503
504

List all grants to the user

GET/api/v2/users/{name}/grants
List all grants to the user

Response

CodeDescription
200
successful
[
  {
    "securable": {
      "database": "string",
      "schema": "string",
      "name": "string"
    },
    "containing_scope": {
      "database": "string",
      "schema": "string"
    },
    "securable_type": "string",
    "privileges": [
      "string"
    ],
    "created_on": "2019-08-24T14:15:22Z",
    "granted_by": "string"
  }
]
NameType
X-Snowflake-Request-ID
Link
202
400
401
403
404
405
408
409
410
429
500
503
504
ParameterTypeDescription

Grant a role to the user

POST/api/v2/users/{name}/grants
Grant a role to the user
ParameterTypeDescription
{
  "securable": {
    "database": "string",
    "schema": "string",
    "name": "string"
  },
  "containing_scope": {
    "database": "string",
    "schema": "string"
  },
  "securable_type": "string",
  "privileges": [
    "string"
  ],
  "created_on": "2019-08-24T14:15:22Z",
  "granted_by": "string"
}

Response

CodeDescription
200
202
400
401
403
404
405
408
409
410
429
500
503
504

Revoke grants from the user

POST/api/v2/users/{name}/grants:revoke
Revoke grants from the user
ParameterTypeDescription
{
  "securable": {
    "database": "string",
    "schema": "string",
    "name": "string"
  },
  "containing_scope": {
    "database": "string",
    "schema": "string"
  },
  "securable_type": "string",
  "privileges": [
    "string"
  ],
  "created_on": "2019-08-24T14:15:22Z",
  "granted_by": "string"
}

Response

CodeDescription
200
202
400
401
403
404
405
408
409
410
429
500
503
504
Language: English