Skip to main content

Documentation Index

Fetch the complete documentation index at: https://domoinc-arun-raj-connectors-domo-479583-raisers-edge-connec.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Intro

Cloud Amplifier enables you to connect Domo directly to your Snowflake data—without requiring data movement. Your data remains governed and secure in Snowflake, while Domo provides you with powerful tools to explore, transform, and visualize it. This guide walks you through setting up the integration, including read/write access and OAuth configuration.
Note: Magic ETL leverages the Snowflake Cloud Amplifier integration, allowing you to effortlessly transform your data within Snowflake. Learn about Magic ETL on Snowflake.

Architectural Overview

This image represents the integration between Cloud Amplifier and Snowflake.
Screenshot

Prerequisites

Cloud Amplifier setup consists of two parts: Read-only or Read/Write. After the Read-only setup is complete, you may begin using virtual tables that read from Snowflake to create cards, set up Alerts, or serve as inputs in Magic ETL flows. You can set up read-only and return later to set up the Write portion. Before setting up the Snowflake connection, we strongly recommend that you complete the following:
  • Create a Snowflake service account We recommend creating a new Snowflake account specifically for this integration. You can use any account with read access in Snowflake, but a service account is best practice. This account must have read access to your default Snowflake environment in order to create virtual Snowflake tables in Domo.
  • (Recommended) Create a Domo service account — We recommend creating a new Domo account specifically for this integration. The account role must have the Manage Cloud Accounts and Manage DataSet grants enabled.
For more information about roles and grants, refer to our article on Managing Custom Roles.

Account Creation — Write

Before registering with Cloud Amplifier for the Write portion of the setup, you must complete the following:
  • (Required) Create a default Snowflake database — You need a Snowflake database that is exclusively for Domo to write Domo-managed tables. During setup, this database is the default.
Note: You can configure access to multiple databases if needed, either now or later.
  • (Conditional) Place IP Addresses on an allowlist — If your Snowflake environment restricts access based on IP address, you may need to place Domo IPs on an allowlist.
For more information, see our article about Allow Domo IP Addresses for Network Connections.
Important: During the write setup process, you are provided with SQL statements to create the integration. These statements must be executed against your Snowflake environment by a Snowflake administrator with the ACCOUNTADMIN role.
This is a Snowflake requirement and prevents the need to manage your Snowflake administrator credentials within Domo, which is especially important in larger organizations where your Snowflake administrator may not have Domo access. After the integration is established, you no longer need a Snowflake administrator account.

Create or Manage your Snowflake Integrations

To access the integration management interface, please follow these steps:
  1. Navigate to the “Data Warehouse
  2. Select “Connect Data
  3. Choose “Snowflake” from the list of Cloud Integrations.
  4. The Domo on Snowflake page appears. Selecting Connect Snowflake initiates the process to create a new integration (refer to Integration Setup instructions on this page), while choosing Manage Integrations allows for modifications to existing integrations.
  5. A list of available integrations will be displayed. By clicking the wrench icon, you will see different options based on your access level.
Screenshot

Create a Snowflake Integration

  1. Name your integration
    Choose a label to identify this Snowflake integration in Domo. It doesn’t need to match anything in Snowflake and can be changed later.
  2. Add a description (optional)
    Helps others understand the purpose of the integration. This is only visible in the integration details.
  3. Select or create a Snowflake service account
    Choose an existing account or click “Add account” to create a new one. This account authenticates to Snowflake and determines access to tables.
Note: Changing the service account later may require remapping DataSets or ETLs if access differs.
Screenshot
  1. Choose a Snowflake warehouse
    Select the warehouse to use for querying data. You can assign multiple warehouses later for optimization or specific use cases.
Screenshot

Create a Snowflake Account

Every Snowflake integration in Domo relies on an authenticated Snowflake service account. Once created, a single service account can be reused across multiple integrations. To create a Snowflake service account in Domo:
  1. Name the Account
    Choose a name to identify the Snowflake service account within Domo. This name can be changed later.
Tip: Use a clear and distinct name to differentiate between multiple service accounts and integrations.
  1. Enter the Snowflake Account Identifier
    This is typically a subdomain of snowflakecomputing.com. You can find it in Snowflake under Account > View Account Details. Refer to https://docs.snowflake.com/en/user-guide/admin-account-identifier for help.
  2. Choose an Authentication Method
    Select one of the following:
    • Add the public key to your Snowflake user: ALTER USER "<username>" SET RSA_PUBLIC_KEY='<public_key>'
      Replace <username> and <public_key> with your actual values.
  • Key Pair (Recommended)
    Snowflake is phasing out single-factor password sign-ins. Key-pair authentication is more secure and future-proof. See their security MFA rollout and key pair authdocumentation.
  • Upload your private key file (.p8 format).
  • Optionally, enter the passphrase if your key pair includes one.
  • Username & Password
    Enter your Snowflake username and password.
  1. Set the Snowflake Role (Optional)
    You may override the default role assigned to this service account.
Screenshot

Enable Snowflake Writeback

If your goal is to use Domo to write data back to Snowflake—for example, as a Magic ETL output—then enabling writeback is the right step. This configuration allows Domo to create and update tables in your Snowflake instance using the associated Snowflake service account.
Note: Writeback is optional. Many integrations are read-only. Even when writeback is enabled, access must be explicitly granted to individuals or groups. Basic access does not automatically include write-back privileges.
You can manage access levels on the accounts page by selecting “Account sharing” next to the relevant Snowflake service account. Prerequisites A Snowflake administrator (or someone with equivalent privileges) must be available to execute SQL queries that create a dedicated database and grant access to the service account. Step-by-Step Setup
  1. Specify the Snowflake Database
    Choose the default database where Domo will write data.
  2. Specify the Snowflake Schema
    Define the default schema for data output. If it doesn’t exist, Domo will create it when selected in Magic ETL.
Tip: Users can select other databases/schemas in Magic ETL, but the service account must have the necessary grants.
  1. Enter the Default Role
    Provide the name of the Snowflake role assigned to the service account.
Screenshot
  1. Generate and Execute SQL
    A Snowflake user with the ACCOUNTADMIN role should run the generated SQL to:
Note: You can configure access to multiple databases if needed, either now or later.
    • Create the write-back database
    • Grant access to the service account
    • Create a DOMO_UTIL schema for Domo-managed resources (e.g., fiscal calendar)
  1. Confirm Authorization
    Finalize the setup by confirming that Domo is authorized to create, alter, and delete objects in Snowflake using the service account.
Screenshot

Configure OAuth

OAuth allows Domo to query Snowflake data in the context of individual users rather than a shared service account. When enabled, users accessing cards or previewing DataSets connected via OAuth will be prompted to authenticate with their Snowflake credentials.
Note: OAuth applies only to reading data from Snowflake. Operations like Magic ETL, write-back, and native transform continue to use the Snowflake service account.
OAuth is optional. Without it, Domo can still read from and write to Snowflake using the service account. Prerequisites A Snowflake administrator (or someone with equivalent privileges) must first configure a security integration in Snowflake. Configure OAuth in Snowflake
  1. Define the Security Integration Modify and run the following query in Snowflake: create or replace security integration <name_goes_here>
    type = oauth
    enabled = true
    oauth_client = custom
    oauth_client_type = 'CONFIDENTIAL'
    oauth_redirect_uri = 'https://oauth.domo.com/api/data/v1/oauth/providers/snowflake-oauth/exchange'
    oauth_issue_refresh_tokens = true
    oauth_refresh_token_validity = 86400;
  2. Set Integration Name Replace <name_goes_here> with a meaningful name. This name is used in subsequent queries.
  3. Set Token Duration Choose how long refresh tokens remain valid:
    • 1 day = 86400 seconds
    • Max = 7776000 seconds (90 days)
    • Min = 3600 seconds (1 hour)
  4. Verify Integration Run: desc security integration <name_goes_here>;
  5. Retrieve Client ID and Secret Run: select system$show_oauth_client_secrets('<name_goes_here>');
  6. Copy Values Save the client ID and secret for use in Domo.
Configure OAuth in Domo
  1. Enter Snowflake Account Identifier Typically a subdomain of snowflakecomputing.com. You can find it under Account > View Account Details in Snowflake.
  2. Enter Client ID and Secret Paste the values retrieved in Step 6.
  3. Set Primary Role Choose the Snowflake role to apply to all Domo users.
  4. Connect Select “Connect” and sign in using your Snowflake credentials.
  5. Allow Access Review the requested permissions and click “Allow” to complete the setup.
Screenshot

Troubleshoot

If you experience a problem with your Cloud Amplifier/Snowflake integration, the following information may help resolve the issue. You can also submit a request to Domo Support. Missing Tables If you cannot find tables that your account has access to, ensure the table is materialized. Transient or Temporary tables on the Snowflake side cannot be used to create DataSets through Cloud Amplifier. Setup Problems If you have problems setting up your Cloud Amplifier/Snowflake integration, follow the steps below: Check Snowflake Service Account
  1. Log in to Snowflake with the service account credentials.
  2. Ensure you can view the default Snowflake Database and query the tables you expect to import.
Assign Correct Role Ensure that a Snowflake administrator with the ACCOUNTADMIN role executes the SQL provided by Domo in Snowflake. Use the Correct URL Make sure that the Snowflake connection URL in Domo matches the Snowflake login URL. You can find the URL on the Snowflake login page. The URL will be in this format: *instancename.region.*snowflakecomputing.com.

FAQ

When you connect Domo to your Snowflake account, Domo operates over two classes of databases and underlying tables. Tables you create and update directly through independent pipelines or ingestion mechanisms can be explored and registered in Domo, accessible in a read-only fashion. Domo can read and directly query these customer-managed databases.Additionally, we recommend creating a new database in Domo for Read/Write access. Domo uses this Domo-managed database to write data that comes in through the Domo ingestion pipeline, such as with the thousands of connectors available to bring data into Snowflake. Domo also uses this Domo-managed database to create outputs of data transformations (DataFlow outputs).How are permissions configured between Domo and Snowflake?Permissions originating in Snowflake are not programmatically passed into Domo. However, you can use Domo’s native permission model and Personalized Data Permisssons (PDP) for data security to manage data access to underlying assets in Snowflake.What are the differences between using connectors to create DataSets from Snowflake and using Cloud Amplifier to create DataSets?
  • Leaving data in Snowflake— Perhaps the biggest difference is that all Snowflake connectors import/duplicate data from Snowflake to Domo, while Cloud Amplifier leaves the data in Snowflake.
  • Bulk create— Cloud Amplifier allows you to look up and bulk select up multiple tables to immediately create multiple unique DataSets. To do this with connectors, you would have to configure each DataSet individually with a connector.
My Snowflake view DataSet shows 0 rows, and the Last update remains unchanged, even though there are rows and updates have been made. What could be causing this?This is the standard behavior for Snowflake views. Snowflake endpoints do not provide the number of rows unless the data is explicitly queried.Snowflake is not allowing me to execute the ALTER USER statement. What am I missing?Make sure that you own the user or have the SECURITY/ADMIN Snowflake role.I have uploaded my private key and provided its passphrase, but I am unable to establish a connection. What could be wrong?Follow every instruction provided in this [Snowflake documentation](https://docs.snowflake.com/en/user-guide/key-pair-auth). Make sure that the passphrase matches the one you used to create your key-pair and that you have executed the ALTER USER statement successfully.

Next Steps

Now that you’re integrated, learn how to use Magic ETL on Snowflake or how to create a Magic ETL DataFlow.