Authentication & Authorization
Metatate does not implement custom authentication. It relies entirely on Snowflake's native authentication and authorization, which means users are authenticated by Snowflake before they ever reach the application.
Session Flow
Key points:
- Snowflake handles authentication — users log in through Snowflake's standard mechanisms (username/password, SSO, MFA, key pair)
- Snowsight is the entry point — users access the app through the Snowflake UI or the Streamlit launcher
- SPCS ingress validates the session — only authenticated Snowflake users can reach the application endpoints
- No credentials stored — the application never sees or stores user passwords, tokens, or API keys
- Identity is inherited — the backend operates with the calling user's Snowflake identity and privileges
Application Roles
Metatate defines two application roles that control feature access within the app:
app_admin
Full access to all application features.
| Capability | Access |
|---|---|
| View governance catalog | Yes |
| Create and edit policies | Yes |
| Deploy and materialize policies | Yes |
| Manage table references | Yes |
| Configure tenant settings | Yes |
| View activity and decision logs | Yes |
| Access AI features | Yes |
| Manage app roles and users | Yes |
app_user
Standard access for day-to-day governance operations.
| Capability | Access |
|---|---|
| View governance catalog | Yes |
| Create and edit policies | Yes |
| Deploy and materialize policies | Yes |
| Manage table references | No |
| Configure tenant settings | No |
| View activity and decision logs | Yes (own activity) |
| Access AI features | Yes |
| Manage app roles and users | No |
Permission Matrix
Schema Access
| Schema | app_admin | app_user |
|---|---|---|
| app_data | Read / Write | Read |
| core | Read / Execute | Read / Execute |
| app_public | Read / Execute | Read / Execute |
| app_internal | Full | No access |
Table Access
| Table | app_admin | app_user |
|---|---|---|
| Governance tables (6) | Read / Write | Read |
| Staging tables (6) | Read / Write | No access |
| tenant_config | Read / Write | Read |
| activity_log | Read / Write | Read (own) |
| governance_snapshots | Read | Read |
| governance_decision_log | Read | Read |
Procedure Access
| Procedure | app_admin | app_user |
|---|---|---|
| Policy compilation | Execute | Execute |
| Governance materialization | Execute | Execute |
| Tenant configuration | Execute | No access |
| Reference management | Execute | No access |
| MCP tools | Execute | Execute |
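The matrix above maps directly onto grants in a Native App setup script. The fragment below is an added illustration, not Metatate's own setup script: the role, schema and table names are taken from the tables above, but the placement of tables in app_data, the procedure names and signatures, and the ACTOR column used for the "Read (own)" view are assumptions.

```sql
-- Application roles are created by the app; the consumer later maps its
-- own account roles onto them with GRANT APPLICATION ROLE.
CREATE APPLICATION ROLE IF NOT EXISTS app_admin;
CREATE APPLICATION ROLE IF NOT EXISTS app_user;

-- Schema access: app_internal is never granted to app_user at all,
-- so nothing inside it is reachable from that role.
GRANT USAGE ON SCHEMA app_data     TO APPLICATION ROLE app_admin;
GRANT USAGE ON SCHEMA app_data     TO APPLICATION ROLE app_user;
GRANT USAGE ON SCHEMA core         TO APPLICATION ROLE app_admin;
GRANT USAGE ON SCHEMA core         TO APPLICATION ROLE app_user;
GRANT USAGE ON SCHEMA app_public   TO APPLICATION ROLE app_admin;
GRANT USAGE ON SCHEMA app_public   TO APPLICATION ROLE app_user;
GRANT USAGE ON SCHEMA app_internal TO APPLICATION ROLE app_admin;

-- tenant_config: Read / Write for app_admin, Read for app_user.
GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE app_data.tenant_config
  TO APPLICATION ROLE app_admin;
GRANT SELECT ON TABLE app_data.tenant_config TO APPLICATION ROLE app_user;

-- activity_log: full table for app_admin. app_user gets no grant on the
-- table itself, only on a secure view filtered to the calling user
-- (ACTOR column and CURRENT_USER() keying are assumed, not from the page).
GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE app_data.activity_log
  TO APPLICATION ROLE app_admin;
CREATE OR REPLACE SECURE VIEW app_public.my_activity AS
  SELECT * FROM app_data.activity_log WHERE actor = CURRENT_USER();
GRANT SELECT ON VIEW app_public.my_activity TO APPLICATION ROLE app_user;

-- Snapshot and decision-log tables are read-only for both roles.
GRANT SELECT ON TABLE app_data.governance_snapshots     TO APPLICATION ROLE app_admin;
GRANT SELECT ON TABLE app_data.governance_snapshots     TO APPLICATION ROLE app_user;
GRANT SELECT ON TABLE app_data.governance_decision_log  TO APPLICATION ROLE app_admin;
GRANT SELECT ON TABLE app_data.governance_decision_log  TO APPLICATION ROLE app_user;

-- Procedures: USAGE is Snowflake's execute privilege. Tenant configuration
-- is admin-only; policy compilation is open to both roles.
-- (Procedure names and argument types are hypothetical.)
GRANT USAGE ON PROCEDURE core.configure_tenant(VARIANT) TO APPLICATION ROLE app_admin;
GRANT USAGE ON PROCEDURE core.compile_policy(VARCHAR)   TO APPLICATION ROLE app_admin;
GRANT USAGE ON PROCEDURE core.compile_policy(VARCHAR)   TO APPLICATION ROLE app_user;
```

A useful check after installation is to run SHOW GRANTS TO APPLICATION ROLE for each role and confirm that app_user has no entry for app_internal, the staging tables, or the admin-only procedures.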
Consumer-Controlled Access
The consumer retains full control over what data the application can see through Snowflake's reference system:
DATABASE_CATALOG Reference
- Type: Multi-valued table reference
- Access level: SELECT only
- Purpose: Allows Metatate to read table metadata (column names, data types) for the governance catalog
- Consumer control: The consumer chooses exactly which tables to share. The app cannot access any table not explicitly granted.
APP_WAREHOUSE Reference
- Type: Warehouse reference
- Purpose: Provides compute for queries and MCP tool execution
- Consumer control: The consumer provides their own warehouse. The app does not create or manage warehouses.
What the App Cannot Do
- Cannot read data from tables not in the DATABASE_CATALOG reference
- Cannot write to any consumer table (SELECT only access)
- Cannot create objects in consumer schemas
- Cannot access other applications or databases
- Cannot modify consumer roles or grants
- Cannot make external network calls
No Custom Authentication
There are several things Metatate deliberately does not do:
- No login page — users are already authenticated by Snowflake
- No user database — user identity comes from Snowflake
- No API keys — backend calls use the Snowflake session context
- No OAuth flows — no external identity providers
- No session management — SPCS handles session lifecycle
- No password storage — not applicable
This design eliminates an entire class of security concerns (credential storage, session hijacking, token management) by delegating authentication entirely to Snowflake.