Snowflake Database Role API
The Snowflake Database Role API is a REST API that you can use to access, update, and perform certain actions on Database Role resource in a Snowflake database.
OpenAPI Specification
openapi: 3.0.0
servers:
- description: Snowflake REST Server
url: https://org-account.snowflakecomputing.com
info:
version: 0.0.1
title: Snowflake Database Role API
description: The Snowflake Database Role API is a REST API that you can use to access, update, and perform certain actions on Database Role resource in a Snowflake database.
contact:
name: Snowflake, Inc.
url: https://snowflake.com
email: support@snowflake.com
paths:
/api/v2/databases/{database}/database-roles:
get:
summary: List Database Roles
tags:
- database-role
description: List database roles
operationId: listDatabaseRoles
parameters:
- $ref: common.yaml#/components/parameters/database
- $ref: common.yaml#/components/parameters/showLimit
- $ref: common.yaml#/components/parameters/fromName
responses:
'200':
description: successful
headers:
X-Snowflake-Request-ID:
$ref: common.yaml#/components/headers/X-Snowflake-Request-ID
Link:
$ref: common.yaml#/components/headers/Link
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/DatabaseRole'
examples:
Listdatabaseroles200Example:
summary: Default listDatabaseRoles 200 response
x-microcks-default: true
value:
- name: Example Title
comment: example_value
created_on: '2026-01-15T10:30:00Z'
granted_to_roles: 10
granted_to_database_roles: 10
granted_database_roles: 10
owner: example_value
owner_role_type: example_value
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
post:
summary: Create a Database Role
tags:
- database-role
description: Create a database role
operationId: createDatabaseRole
parameters:
- $ref: common.yaml#/components/parameters/database
- $ref: common.yaml#/components/parameters/createMode
responses:
'200':
$ref: common.yaml#/components/responses/200SuccessResponse
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/DatabaseRole'
examples:
CreatedatabaseroleRequestExample:
summary: Default createDatabaseRole request
x-microcks-default: true
value:
name: Example Title
comment: example_value
created_on: '2026-01-15T10:30:00Z'
granted_to_roles: 10
granted_to_database_roles: 10
granted_database_roles: 10
owner: example_value
owner_role_type: example_value
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/api/v2/databases/{database}/database-roles/{name}:
delete:
summary: Delete a Database Role
tags:
- database-role
description: Delete a database role
operationId: deleteDatabaseRole
parameters:
- $ref: common.yaml#/components/parameters/database
- $ref: common.yaml#/components/parameters/name
- $ref: common.yaml#/components/parameters/ifExists
responses:
'200':
$ref: common.yaml#/components/responses/200SuccessResponse
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/api/v2/databases/{database}/database-roles/{name}:clone:
post:
summary: Create a New Database Role by Cloning From the Specified Resource
tags:
- database-role
description: Create a new database role by cloning from the specified resource
operationId: cloneDatabaseRole
parameters:
- $ref: common.yaml#/components/parameters/database
- $ref: common.yaml#/components/parameters/name
- $ref: common.yaml#/components/parameters/createMode
- name: targetDatabase
description: Database of the target resource. Defaults to the source's database
in: query
required: false
schema:
type: string
pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$
example: example_value
responses:
'200':
$ref: common.yaml#/components/responses/200SuccessResponse
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/DatabaseRoleClone'
examples:
ClonedatabaseroleRequestExample:
summary: Default cloneDatabaseRole request
x-microcks-default: true
value:
name: Example Title
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/api/v2/databases/{database}/database-roles/{name}/grants:
get:
summary: List All Grants to the Role
tags:
- database-role
description: List all grants to the role
operationId: listGrants
parameters:
- $ref: common.yaml#/components/parameters/database
- $ref: common.yaml#/components/parameters/name
- $ref: common.yaml#/components/parameters/showLimit
responses:
'200':
description: successful
headers:
X-Snowflake-Request-ID:
$ref: common.yaml#/components/headers/X-Snowflake-Request-ID
Link:
$ref: common.yaml#/components/headers/Link
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/Grant'
examples:
Listgrants200Example:
summary: Default listGrants 200 response
x-microcks-default: true
value:
- securable:
database: example_value
schema: example_value
service: example_value
name: Example Title
containing_scope:
database: example_value
schema: example_value
securable_type: example_value
grant_option: true
privileges:
- example_value
created_on: '2026-01-15T10:30:00Z'
granted_by: example_value
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
post:
summary: Grant Privileges to the Role
tags:
- database-role
description: Grant privileges to the role
operationId: grantPrivileges
parameters:
- $ref: common.yaml#/components/parameters/database
- $ref: common.yaml#/components/parameters/name
responses:
'200':
$ref: common.yaml#/components/responses/200SuccessResponse
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/Grant'
examples:
GrantprivilegesRequestExample:
summary: Default grantPrivileges request
x-microcks-default: true
value:
securable:
database: example_value
schema: example_value
service: example_value
name: Example Title
containing_scope:
database: example_value
schema: example_value
securable_type: example_value
grant_option: true
privileges:
- example_value
created_on: '2026-01-15T10:30:00Z'
granted_by: example_value
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/api/v2/databases/{database}/database-roles/{name}/grants:revoke:
post:
summary: Revoke Grants From the Role
tags:
- database-role
description: Revoke grants from the role
operationId: revokeGrants
parameters:
- $ref: common.yaml#/components/parameters/database
- $ref: common.yaml#/components/parameters/name
- $ref: common.yaml#/components/parameters/mode
responses:
'200':
$ref: common.yaml#/components/responses/200SuccessResponse
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/Grant'
examples:
RevokegrantsRequestExample:
summary: Default revokeGrants request
x-microcks-default: true
value:
securable:
database: example_value
schema: example_value
service: example_value
name: Example Title
containing_scope:
database: example_value
schema: example_value
securable_type: example_value
grant_option: true
privileges:
- example_value
created_on: '2026-01-15T10:30:00Z'
granted_by: example_value
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/api/v2/databases/{database}/database-roles/{name}/future-grants:
get:
summary: List All Future Grants to the Role
tags:
- database-role
description: List all future grants to the role
operationId: listFutureGrants
parameters:
- $ref: common.yaml#/components/parameters/database
- $ref: common.yaml#/components/parameters/name
- $ref: common.yaml#/components/parameters/showLimit
responses:
'200':
description: successful
headers:
X-Snowflake-Request-ID:
$ref: common.yaml#/components/headers/X-Snowflake-Request-ID
Link:
$ref: common.yaml#/components/headers/Link
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/Grant'
examples:
Listfuturegrants200Example:
summary: Default listFutureGrants 200 response
x-microcks-default: true
value:
- securable:
database: example_value
schema: example_value
service: example_value
name: Example Title
containing_scope:
database: example_value
schema: example_value
securable_type: example_value
grant_option: true
privileges:
- example_value
created_on: '2026-01-15T10:30:00Z'
granted_by: example_value
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
post:
summary: Grant Future Privileges to the Role
tags:
- database-role
description: Grant future privileges to the role
operationId: grantFuturePrivileges
parameters:
- $ref: common.yaml#/components/parameters/database
- $ref: common.yaml#/components/parameters/name
responses:
'200':
$ref: common.yaml#/components/responses/200SuccessResponse
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/Grant'
examples:
GrantfutureprivilegesRequestExample:
summary: Default grantFuturePrivileges request
x-microcks-default: true
value:
securable:
database: example_value
schema: example_value
service: example_value
name: Example Title
containing_scope:
database: example_value
schema: example_value
securable_type: example_value
grant_option: true
privileges:
- example_value
created_on: '2026-01-15T10:30:00Z'
granted_by: example_value
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/api/v2/databases/{database}/database-roles/{name}/future-grants:revoke:
post:
summary: Revoke Future Grants From the Role
tags:
- database-role
description: Revoke future grants from the role
operationId: revokeFutureGrants
parameters:
- $ref: common.yaml#/components/parameters/database
- $ref: common.yaml#/components/parameters/name
- $ref: common.yaml#/components/parameters/mode
responses:
'200':
$ref: common.yaml#/components/responses/200SuccessResponse
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/Grant'
examples:
RevokefuturegrantsRequestExample:
summary: Default revokeFutureGrants request
x-microcks-default: true
value:
securable:
database: example_value
schema: example_value
service: example_value
name: Example Title
containing_scope:
database: example_value
schema: example_value
securable_type: example_value
grant_option: true
privileges:
- example_value
created_on: '2026-01-15T10:30:00Z'
granted_by: example_value
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
components:
schemas:
DatabaseRole:
type: object
description: A Snowflake database role
properties:
name:
type: string
pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$
description: Name of the database role
example: Example Title
comment:
type: string
description: User comment associated to an object in the dictionary
example: example_value
created_on:
type: string
format: date-time
readOnly: true
description: Date and time when the database role was created
example: '2026-01-15T10:30:00Z'
granted_to_roles:
type: integer
format: int64
readOnly: true
description: How many roles this database role has been granted to
example: 10
granted_to_database_roles:
type: integer
format: int64
readOnly: true
description: How many database roles this database role has been granted to
example: 10
granted_database_roles:
type: integer
format: int64
readOnly: true
description: How many database roles this database role has been granted
example: 10
owner:
type: string
pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$
readOnly: true
description: Role that owns the database role
example: example_value
owner_role_type:
type: string
pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$
readOnly: true
description: The type of role that owns the database role
example: example_value
required:
- name
DatabaseRoleClone:
type: object
properties:
name:
type: string
pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$
description: Name of the database role
example: Example Title
required:
- name
Grant:
type: object
properties:
securable:
$ref: '#/components/schemas/Securable'
description: Securable of the grant
containing_scope:
$ref: '#/components/schemas/ContainingScope'
description: Containing scope of the grant
securable_type:
type: string
description: Type of the securable to be granted.
example: example_value
grant_option:
type: boolean
description: If true, allows the recipient role to grant the privileges to other roles.
example: true
privileges:
type: array
items:
type: string
description: List of privileges to be granted.
example: []
created_on:
type: string
format: date-time
readOnly: true
description: Date and time when the grant was created
example: '2026-01-15T10:30:00Z'
granted_by:
type: string
readOnly: true
description: The role that granted this privilege to this grantee
example: example_value
required:
- securable_type
Securable:
type: object
properties:
database:
type: string
pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$
description: Database name of the securable if applicable.
example: example_value
schema:
type: string
pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$
description: Schema name of the securable if applicable.
example: example_value
service:
type: string
pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$
description: Service name of the securable if applicable.
example: example_value
name:
type: string
pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$
description: Name of the securable if applicable.
example: Example Title
required:
- name
ContainingScope:
type: object
properties:
database:
type: string
pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$
description: Database name of the securable scope if applicable.
example: example_value
schema:
type: string
pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$
description: Schema name of the securable scope if applicable.
example: example_value
required:
- database
securitySchemes:
KeyPair:
$ref: common.yaml#/components/securitySchemes/KeyPair
ExternalOAuth:
$ref: common.yaml#/components/securitySchemes/ExternalOAuth
SnowflakeOAuth:
$ref: common.yaml#/components/securitySchemes/SnowflakeOAuth
security:
- KeyPair: []
- ExternalOAuth: []
- SnowflakeOAuth: []