The Snowflake Role API is a REST API that you can use to access, update, and perform certain actions on Role resource in a Snowflake database.
openapi: 3.0.0
servers:
- description: Snowflake REST Server
url: https://org-account.snowflakecomputing.com
info:
version: 0.0.1
title: Snowflake Role API
description: The Snowflake Role API is a REST API that you can use to access, update, and perform certain actions on Role resource in a Snowflake database.
contact:
name: Snowflake, Inc.
url: https://snowflake.com
email: support@snowflake.com
paths:
/api/v2/roles:
get:
summary: List Roles
tags:
- role
description: List roles
operationId: listRoles
parameters:
- $ref: common.yaml#/components/parameters/like
- $ref: common.yaml#/components/parameters/startsWith
- $ref: common.yaml#/components/parameters/showLimit
- $ref: common.yaml#/components/parameters/fromName
responses:
'200':
description: successful
headers:
X-Snowflake-Request-ID:
$ref: common.yaml#/components/headers/X-Snowflake-Request-ID
Link:
$ref: common.yaml#/components/headers/Link
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/Role'
examples:
Listroles200Example:
summary: Default listRoles 200 response
x-microcks-default: true
value:
- name: Example Title
comment: example_value
created_on: '2026-01-15T10:30:00Z'
owner: example_value
is_default: true
is_current: true
is_inherited: true
assigned_to_users: 10
granted_to_roles: 10
granted_roles: 10
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
post:
summary: Create a Role
tags:
- role
description: Create a role
operationId: createRole
parameters:
- $ref: common.yaml#/components/parameters/createMode
responses:
'200':
$ref: common.yaml#/components/responses/200SuccessResponse
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/Role'
examples:
CreateroleRequestExample:
summary: Default createRole request
x-microcks-default: true
value:
name: Example Title
comment: example_value
created_on: '2026-01-15T10:30:00Z'
owner: example_value
is_default: true
is_current: true
is_inherited: true
assigned_to_users: 10
granted_to_roles: 10
granted_roles: 10
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/api/v2/roles/{name}:
delete:
summary: Delete a Role
tags:
- role
description: Delete a role
operationId: deleteRole
parameters:
- $ref: common.yaml#/components/parameters/name
- $ref: common.yaml#/components/parameters/ifExists
responses:
'200':
$ref: common.yaml#/components/responses/200SuccessResponse
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/api/v2/roles/{name}/grants:
get:
summary: List All Grants to the Role
tags:
- role
description: List all grants to the role
operationId: listGrants
parameters:
- $ref: common.yaml#/components/parameters/name
- $ref: common.yaml#/components/parameters/showLimit
responses:
'200':
description: successful
headers:
X-Snowflake-Request-ID:
$ref: common.yaml#/components/headers/X-Snowflake-Request-ID
Link:
$ref: common.yaml#/components/headers/Link
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/Grant'
examples:
Listgrants200Example:
summary: Default listGrants 200 response
x-microcks-default: true
value:
- securable:
database: example_value
schema: example_value
service: example_value
name: Example Title
containing_scope:
database: example_value
schema: example_value
securable_type: example_value
grant_option: true
privileges:
- example_value
created_on: '2026-01-15T10:30:00Z'
granted_by: example_value
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
post:
summary: Grant Privileges to the Role
tags:
- role
description: Grant privileges to the role
operationId: grantPrivileges
parameters:
- $ref: common.yaml#/components/parameters/name
responses:
'200':
$ref: common.yaml#/components/responses/200SuccessResponse
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/Grant'
examples:
GrantprivilegesRequestExample:
summary: Default grantPrivileges request
x-microcks-default: true
value:
securable:
database: example_value
schema: example_value
service: example_value
name: Example Title
containing_scope:
database: example_value
schema: example_value
securable_type: example_value
grant_option: true
privileges:
- example_value
created_on: '2026-01-15T10:30:00Z'
granted_by: example_value
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/api/v2/roles/{name}/grants:revoke:
post:
summary: Revoke Grants From the Role
tags:
- role
description: Revoke grants from the role
operationId: revokeGrants
parameters:
- $ref: common.yaml#/components/parameters/name
- $ref: common.yaml#/components/parameters/mode
responses:
'200':
$ref: common.yaml#/components/responses/200SuccessResponse
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/Grant'
examples:
RevokegrantsRequestExample:
summary: Default revokeGrants request
x-microcks-default: true
value:
securable:
database: example_value
schema: example_value
service: example_value
name: Example Title
containing_scope:
database: example_value
schema: example_value
securable_type: example_value
grant_option: true
privileges:
- example_value
created_on: '2026-01-15T10:30:00Z'
granted_by: example_value
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/api/v2/roles/{name}/grants-of:
get:
summary: List All Grants of the Role
tags:
- role
description: List all grants of the role
operationId: listGrantsOf
parameters:
- $ref: common.yaml#/components/parameters/name
- $ref: common.yaml#/components/parameters/showLimit
responses:
'200':
description: successful
headers:
X-Snowflake-Request-ID:
$ref: common.yaml#/components/headers/X-Snowflake-Request-ID
Link:
$ref: common.yaml#/components/headers/Link
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/GrantOf'
examples:
Listgrantsof200Example:
summary: Default listGrantsOf 200 response
x-microcks-default: true
value:
- created_on: '2026-01-15T10:30:00Z'
role: example_value
granted_to: example_value
grantee_name: example_value
granted_by: example_value
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/api/v2/roles/{name}/grants-on:
get:
summary: List All Grants on the Role
tags:
- role
description: List all grants on the role
operationId: listGrantsOn
parameters:
- $ref: common.yaml#/components/parameters/name
- $ref: common.yaml#/components/parameters/showLimit
responses:
'200':
description: successful
headers:
X-Snowflake-Request-ID:
$ref: common.yaml#/components/headers/X-Snowflake-Request-ID
Link:
$ref: common.yaml#/components/headers/Link
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/GrantOn'
examples:
Listgrantson200Example:
summary: Default listGrantsOn 200 response
x-microcks-default: true
value:
- created_on: '2026-01-15T10:30:00Z'
privilege: example_value
granted_on: example_value
name: Example Title
granted_to: example_value
grantee_name: example_value
grant_option: example_value
granted_by: example_value
granted_by_role_type: example_value
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/api/v2/roles/{name}/future-grants:
get:
summary: List All Future Grants to the Role
tags:
- role
description: List all future grants to the role
operationId: listFutureGrants
parameters:
- $ref: common.yaml#/components/parameters/name
- $ref: common.yaml#/components/parameters/showLimit
responses:
'200':
description: successful
headers:
X-Snowflake-Request-ID:
$ref: common.yaml#/components/headers/X-Snowflake-Request-ID
Link:
$ref: common.yaml#/components/headers/Link
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/Grant'
examples:
Listfuturegrants200Example:
summary: Default listFutureGrants 200 response
x-microcks-default: true
value:
- securable:
database: example_value
schema: example_value
service: example_value
name: Example Title
containing_scope:
database: example_value
schema: example_value
securable_type: example_value
grant_option: true
privileges:
- example_value
created_on: '2026-01-15T10:30:00Z'
granted_by: example_value
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
post:
summary: Grant Future Privileges to the Role
tags:
- role
description: Grant future privileges to the role
operationId: grantFuturePrivileges
parameters:
- $ref: common.yaml#/components/parameters/name
responses:
'200':
$ref: common.yaml#/components/responses/200SuccessResponse
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/Grant'
examples:
GrantfutureprivilegesRequestExample:
summary: Default grantFuturePrivileges request
x-microcks-default: true
value:
securable:
database: example_value
schema: example_value
service: example_value
name: Example Title
containing_scope:
database: example_value
schema: example_value
securable_type: example_value
grant_option: true
privileges:
- example_value
created_on: '2026-01-15T10:30:00Z'
granted_by: example_value
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/api/v2/roles/{name}/future-grants:revoke:
post:
summary: Revoke Future Grants From the Role
tags:
- role
description: Revoke future grants from the role
operationId: revokeFutureGrants
parameters:
- $ref: common.yaml#/components/parameters/name
- $ref: common.yaml#/components/parameters/mode
responses:
'200':
$ref: common.yaml#/components/responses/200SuccessResponse
'202':
$ref: common.yaml#/components/responses/202SuccessAcceptedResponse
'400':
$ref: common.yaml#/components/responses/400BadRequest
'401':
$ref: common.yaml#/components/responses/401Unauthorized
'403':
$ref: common.yaml#/components/responses/403Forbidden
'404':
$ref: common.yaml#/components/responses/404NotFound
'405':
$ref: common.yaml#/components/responses/405MethodNotAllowed
'408':
$ref: common.yaml#/components/responses/408RequestTimeout
'409':
$ref: common.yaml#/components/responses/409Conflict
'410':
$ref: common.yaml#/components/responses/410Gone
'429':
$ref: common.yaml#/components/responses/429LimitExceeded
'500':
$ref: common.yaml#/components/responses/500InternalServerError
'503':
$ref: common.yaml#/components/responses/503ServiceUnavailable
'504':
$ref: common.yaml#/components/responses/504GatewayTimeout
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/Grant'
examples:
RevokefuturegrantsRequestExample:
summary: Default revokeFutureGrants request
x-microcks-default: true
value:
securable:
database: example_value
schema: example_value
service: example_value
name: Example Title
containing_scope:
database: example_value
schema: example_value
securable_type: example_value
grant_option: true
privileges:
- example_value
created_on: '2026-01-15T10:30:00Z'
granted_by: example_value
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
components:
schemas:
Role:
type: object
description: A Snowflake role
properties:
name:
type: string
pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$
description: Name of the role.
example: Example Title
comment:
type: string
description: Comment of the role.
example: example_value
created_on:
type: string
format: date-time
readOnly: true
description: Date and time when the role was created.
example: '2026-01-15T10:30:00Z'
owner:
type: string
pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$
readOnly: true
description: Specifies the role that owns this role.
example: example_value
is_default:
type: boolean
readOnly: true
description: Specifies whether the role being fetched is the user's default role.
example: true
is_current:
type: boolean
readOnly: true
description: Specifies whether the role being fetched is the user's current role.
example: true
is_inherited:
type: boolean
readOnly: true
description: Specifies whether the role used to run the command inherits the specified role.
example: true
assigned_to_users:
type: integer
format: int64
readOnly: true
description: The number of users to whom this role has been assigned.
example: 10
granted_to_roles:
type: integer
format: int64
readOnly: true
description: The number of roles to which this role has been granted.
example: 10
granted_roles:
type: integer
format: int64
readOnly: true
description: The number of roles that have been granted to this role.
example: 10
required:
- name
Grant:
type: object
properties:
securable:
$ref: '#/components/schemas/Securable'
description: Securable of the grant
containing_scope:
$ref: '#/components/schemas/ContainingScope'
description: Containing scope of the grant
securable_type:
type: string
description: Type of the securable to be granted.
example: example_value
grant_option:
type: boolean
description: If true, allows the recipient role to grant the privileges to other roles.
example: true
privileges:
type: array
items:
type: string
description: List of privileges to be granted.
example: []
created_on:
type: string
format: date-time
readOnly: true
description: Date and time when the grant was created
example: '2026-01-15T10:30:00Z'
granted_by:
type: string
readOnly: true
description: The role that granted this privilege to this grantee
example: example_value
required:
- securable_type
Securable:
type: object
properties:
database:
type: string
pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$
description: Database name of the securable if applicable.
example: example_value
schema:
type: string
pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$
description: Schema name of the securable if applicable.
example: example_value
service:
type: string
pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$
description: Service name of the securable if applicable.
example: example_value
name:
type: string
pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$
description: Name of the securable if applicable.
example: Example Title
required:
- name
ContainingScope:
type: object
properties:
database:
type: string
pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$
description: Database name of the securable scope if applicable.
example: example_value
schema:
type: string
pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$
description: Schema name of the securable scope if applicable.
example: example_value
required:
- database
GrantOf:
type: object
properties:
created_on:
type: string
format: date-time
readOnly: true
description: Date and time when the grant was created
example: '2026-01-15T10:30:00Z'
role:
type: string
readOnly: true
description: The name of the role
example: example_value
granted_to:
type: string
readOnly: true
description: The type of the grantee, can be USER or ROLE
example: example_value
grantee_name:
type: string
readOnly: true
description: The name of the grantee
example: example_value
granted_by:
type: string
readOnly: true
description: The role that granted this role to this grantee
example: example_value
GrantOn:
type: object
properties:
created_on:
type: string
format: date-time
readOnly: true
description: Date and time when the grant was created
example: '2026-01-15T10:30:00Z'
privilege:
type: string
readOnly: true
description: The name of the privilege
example: example_value
granted_on:
type: string
readOnly: true
description: The type of of the role
example: example_value
name:
type: string
# --- truncated at 32 KB (33 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/snowflake/refs/heads/main/openapi/role.yaml