Snowflake’s managed MCP servers work with external OAuth tokens — JWT-signed, role-scoped, and RBAC-enforced. Tested end-to-end with tool discovery and SQL execution.
A visual, hands-on explanation of JSON Web Tokens — what they contain, how signing works, why they expire, and how Snowflake uses them for External OAuth authentication.
The core challenge of AI agents: passing the human user’s identity through to Snowflake. This toolkit demonstrates JWT-to-PAT token exchange so agents execute as the actual user — with their roles, permissions, and full audit trail.