openapi: 3.0.0 servers: - description: Snowflake REST Server url: https://org-account.snowflakecomputing.com info: version: 0.0.1 title: Snowflake Role API description: The Snowflake Role API is a REST API that you can use to access, update, and perform certain actions on Role resource in a Snowflake database. contact: name: Snowflake, Inc. url: https://snowflake.com email: support@snowflake.com paths: /api/v2/roles: get: summary: List Roles tags: - role description: List roles operationId: listRoles parameters: - $ref: common.yaml#/components/parameters/like - $ref: common.yaml#/components/parameters/startsWith - $ref: common.yaml#/components/parameters/showLimit - $ref: common.yaml#/components/parameters/fromName responses: '200': description: successful headers: X-Snowflake-Request-ID: $ref: common.yaml#/components/headers/X-Snowflake-Request-ID Link: $ref: common.yaml#/components/headers/Link content: application/json: schema: type: array items: $ref: '#/components/schemas/Role' examples: Listroles200Example: summary: Default listRoles 200 response x-microcks-default: true value: - name: Example Title comment: example_value created_on: '2026-01-15T10:30:00Z' owner: example_value is_default: true is_current: true is_inherited: true assigned_to_users: 10 granted_to_roles: 10 granted_roles: 10 '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout x-microcks-operation: delay: 0 dispatcher: FALLBACK post: summary: Create a Role tags: - role description: Create a role operationId: createRole parameters: - $ref: common.yaml#/components/parameters/createMode responses: '200': $ref: common.yaml#/components/responses/200SuccessResponse '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/Role' examples: CreateroleRequestExample: summary: Default createRole request x-microcks-default: true value: name: Example Title comment: example_value created_on: '2026-01-15T10:30:00Z' owner: example_value is_default: true is_current: true is_inherited: true assigned_to_users: 10 granted_to_roles: 10 granted_roles: 10 x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/roles/{name}: delete: summary: Delete a Role tags: - role description: Delete a role operationId: deleteRole parameters: - $ref: common.yaml#/components/parameters/name - $ref: common.yaml#/components/parameters/ifExists responses: '200': $ref: common.yaml#/components/responses/200SuccessResponse '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/roles/{name}/grants: get: summary: List All Grants to the Role tags: - role description: List all grants to the role operationId: listGrants parameters: - $ref: common.yaml#/components/parameters/name - $ref: common.yaml#/components/parameters/showLimit responses: '200': description: successful headers: X-Snowflake-Request-ID: $ref: common.yaml#/components/headers/X-Snowflake-Request-ID Link: $ref: common.yaml#/components/headers/Link content: application/json: schema: type: array items: $ref: '#/components/schemas/Grant' examples: Listgrants200Example: summary: Default listGrants 200 response x-microcks-default: true value: - securable: database: example_value schema: example_value service: example_value name: Example Title containing_scope: database: example_value schema: example_value securable_type: example_value grant_option: true privileges: - example_value created_on: '2026-01-15T10:30:00Z' granted_by: example_value '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout x-microcks-operation: delay: 0 dispatcher: FALLBACK post: summary: Grant Privileges to the Role tags: - role description: Grant privileges to the role operationId: grantPrivileges parameters: - $ref: common.yaml#/components/parameters/name responses: '200': $ref: common.yaml#/components/responses/200SuccessResponse '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/Grant' examples: GrantprivilegesRequestExample: summary: Default grantPrivileges request x-microcks-default: true value: securable: database: example_value schema: example_value service: example_value name: Example Title containing_scope: database: example_value schema: example_value securable_type: example_value grant_option: true privileges: - example_value created_on: '2026-01-15T10:30:00Z' granted_by: example_value x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/roles/{name}/grants:revoke: post: summary: Revoke Grants From the Role tags: - role description: Revoke grants from the role operationId: revokeGrants parameters: - $ref: common.yaml#/components/parameters/name - $ref: common.yaml#/components/parameters/mode responses: '200': $ref: common.yaml#/components/responses/200SuccessResponse '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/Grant' examples: RevokegrantsRequestExample: summary: Default revokeGrants request x-microcks-default: true value: securable: database: example_value schema: example_value service: example_value name: Example Title containing_scope: database: example_value schema: example_value securable_type: example_value grant_option: true privileges: - example_value created_on: '2026-01-15T10:30:00Z' granted_by: example_value x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/roles/{name}/grants-of: get: summary: List All Grants of the Role tags: - role description: List all grants of the role operationId: listGrantsOf parameters: - $ref: common.yaml#/components/parameters/name - $ref: common.yaml#/components/parameters/showLimit responses: '200': description: successful headers: X-Snowflake-Request-ID: $ref: common.yaml#/components/headers/X-Snowflake-Request-ID Link: $ref: common.yaml#/components/headers/Link content: application/json: schema: type: array items: $ref: '#/components/schemas/GrantOf' examples: Listgrantsof200Example: summary: Default listGrantsOf 200 response x-microcks-default: true value: - created_on: '2026-01-15T10:30:00Z' role: example_value granted_to: example_value grantee_name: example_value granted_by: example_value '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/roles/{name}/grants-on: get: summary: List All Grants on the Role tags: - role description: List all grants on the role operationId: listGrantsOn parameters: - $ref: common.yaml#/components/parameters/name - $ref: common.yaml#/components/parameters/showLimit responses: '200': description: successful headers: X-Snowflake-Request-ID: $ref: common.yaml#/components/headers/X-Snowflake-Request-ID Link: $ref: common.yaml#/components/headers/Link content: application/json: schema: type: array items: $ref: '#/components/schemas/GrantOn' examples: Listgrantson200Example: summary: Default listGrantsOn 200 response x-microcks-default: true value: - created_on: '2026-01-15T10:30:00Z' privilege: example_value granted_on: example_value name: Example Title granted_to: example_value grantee_name: example_value grant_option: example_value granted_by: example_value granted_by_role_type: example_value '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/roles/{name}/future-grants: get: summary: List All Future Grants to the Role tags: - role description: List all future grants to the role operationId: listFutureGrants parameters: - $ref: common.yaml#/components/parameters/name - $ref: common.yaml#/components/parameters/showLimit responses: '200': description: successful headers: X-Snowflake-Request-ID: $ref: common.yaml#/components/headers/X-Snowflake-Request-ID Link: $ref: common.yaml#/components/headers/Link content: application/json: schema: type: array items: $ref: '#/components/schemas/Grant' examples: Listfuturegrants200Example: summary: Default listFutureGrants 200 response x-microcks-default: true value: - securable: database: example_value schema: example_value service: example_value name: Example Title containing_scope: database: example_value schema: example_value securable_type: example_value grant_option: true privileges: - example_value created_on: '2026-01-15T10:30:00Z' granted_by: example_value '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout x-microcks-operation: delay: 0 dispatcher: FALLBACK post: summary: Grant Future Privileges to the Role tags: - role description: Grant future privileges to the role operationId: grantFuturePrivileges parameters: - $ref: common.yaml#/components/parameters/name responses: '200': $ref: common.yaml#/components/responses/200SuccessResponse '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/Grant' examples: GrantfutureprivilegesRequestExample: summary: Default grantFuturePrivileges request x-microcks-default: true value: securable: database: example_value schema: example_value service: example_value name: Example Title containing_scope: database: example_value schema: example_value securable_type: example_value grant_option: true privileges: - example_value created_on: '2026-01-15T10:30:00Z' granted_by: example_value x-microcks-operation: delay: 0 dispatcher: FALLBACK /api/v2/roles/{name}/future-grants:revoke: post: summary: Revoke Future Grants From the Role tags: - role description: Revoke future grants from the role operationId: revokeFutureGrants parameters: - $ref: common.yaml#/components/parameters/name - $ref: common.yaml#/components/parameters/mode responses: '200': $ref: common.yaml#/components/responses/200SuccessResponse '202': $ref: common.yaml#/components/responses/202SuccessAcceptedResponse '400': $ref: common.yaml#/components/responses/400BadRequest '401': $ref: common.yaml#/components/responses/401Unauthorized '403': $ref: common.yaml#/components/responses/403Forbidden '404': $ref: common.yaml#/components/responses/404NotFound '405': $ref: common.yaml#/components/responses/405MethodNotAllowed '408': $ref: common.yaml#/components/responses/408RequestTimeout '409': $ref: common.yaml#/components/responses/409Conflict '410': $ref: common.yaml#/components/responses/410Gone '429': $ref: common.yaml#/components/responses/429LimitExceeded '500': $ref: common.yaml#/components/responses/500InternalServerError '503': $ref: common.yaml#/components/responses/503ServiceUnavailable '504': $ref: common.yaml#/components/responses/504GatewayTimeout requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/Grant' examples: RevokefuturegrantsRequestExample: summary: Default revokeFutureGrants request x-microcks-default: true value: securable: database: example_value schema: example_value service: example_value name: Example Title containing_scope: database: example_value schema: example_value securable_type: example_value grant_option: true privileges: - example_value created_on: '2026-01-15T10:30:00Z' granted_by: example_value x-microcks-operation: delay: 0 dispatcher: FALLBACK components: schemas: Role: type: object description: A Snowflake role properties: name: type: string pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$ description: Name of the role. example: Example Title comment: type: string description: Comment of the role. example: example_value created_on: type: string format: date-time readOnly: true description: Date and time when the role was created. example: '2026-01-15T10:30:00Z' owner: type: string pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$ readOnly: true description: Specifies the role that owns this role. example: example_value is_default: type: boolean readOnly: true description: Specifies whether the role being fetched is the user's default role. example: true is_current: type: boolean readOnly: true description: Specifies whether the role being fetched is the user's current role. example: true is_inherited: type: boolean readOnly: true description: Specifies whether the role used to run the command inherits the specified role. example: true assigned_to_users: type: integer format: int64 readOnly: true description: The number of users to whom this role has been assigned. example: 10 granted_to_roles: type: integer format: int64 readOnly: true description: The number of roles to which this role has been granted. example: 10 granted_roles: type: integer format: int64 readOnly: true description: The number of roles that have been granted to this role. example: 10 required: - name Grant: type: object properties: securable: $ref: '#/components/schemas/Securable' description: Securable of the grant containing_scope: $ref: '#/components/schemas/ContainingScope' description: Containing scope of the grant securable_type: type: string description: Type of the securable to be granted. example: example_value grant_option: type: boolean description: If true, allows the recipient role to grant the privileges to other roles. example: true privileges: type: array items: type: string description: List of privileges to be granted. example: [] created_on: type: string format: date-time readOnly: true description: Date and time when the grant was created example: '2026-01-15T10:30:00Z' granted_by: type: string readOnly: true description: The role that granted this privilege to this grantee example: example_value required: - securable_type Securable: type: object properties: database: type: string pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$ description: Database name of the securable if applicable. example: example_value schema: type: string pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$ description: Schema name of the securable if applicable. example: example_value service: type: string pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$ description: Service name of the securable if applicable. example: example_value name: type: string pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$ description: Name of the securable if applicable. example: Example Title required: - name ContainingScope: type: object properties: database: type: string pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$ description: Database name of the securable scope if applicable. example: example_value schema: type: string pattern: ^"([^"]|"")+"|[a-zA-Z_][a-zA-Z0-9_$]*$ description: Schema name of the securable scope if applicable. example: example_value required: - database GrantOf: type: object properties: created_on: type: string format: date-time readOnly: true description: Date and time when the grant was created example: '2026-01-15T10:30:00Z' role: type: string readOnly: true description: The name of the role example: example_value granted_to: type: string readOnly: true description: The type of the grantee, can be USER or ROLE example: example_value grantee_name: type: string readOnly: true description: The name of the grantee example: example_value granted_by: type: string readOnly: true description: The role that granted this role to this grantee example: example_value GrantOn: type: object properties: created_on: type: string format: date-time readOnly: true description: Date and time when the grant was created example: '2026-01-15T10:30:00Z' privilege: type: string readOnly: true description: The name of the privilege example: example_value granted_on: type: string readOnly: true description: The type of of the role example: example_value name: type: string readOnly: true description: The name of the role example: Example Title granted_to: type: string readOnly: true description: The type of the grantee example: example_value grantee_name: type: string readOnly: true description: The name of the grantee example: example_value grant_option: type: string readOnly: true description: If true, allows the recipient role to grant the privileges to other roles. example: example_value granted_by: type: string readOnly: true description: The role that granted this privilege to this grantee example: example_value granted_by_role_type: type: string readOnly: true description: Type of the role that granted this privilege to this grantee example: example_value securitySchemes: KeyPair: $ref: common.yaml#/components/securitySchemes/KeyPair ExternalOAuth: $ref: common.yaml#/components/securitySchemes/ExternalOAuth SnowflakeOAuth: $ref: common.yaml#/components/securitySchemes/SnowflakeOAuth security: - KeyPair: [] - ExternalOAuth: [] - SnowflakeOAuth: []