Connect your AI Agents to Snowflake in minutes

What is a Snowflake MCP server?

It’s an MCP server that lets you access data from a Snowflake instance via tools. Your agents can invoke these tools to modify databases, create a schema in a database, list user roles, and more.

Snowflake offers an official MCP server. But you can also access Snowflake MCP servers from 3rd-party platforms, like Merge Agent Handler.

What are common ways to use a Snowflake MCP server?

Here are just a few popular use cases:

• Schema and metadata discovery for better SQL generation: Browse databases, schemas, tables, columns, comments, and sample values so an LLM can ground itself before writing queries
  

• Ad hoc analytics and dashboards: Generate SQL for explorations, slice-and-dice, cohort checks, funnel breakdowns, and quick “why did this change?” investigations
  

• Data quality and observability: Run validation queries (null rates, duplicates, referential integrity), monitor freshness/latency, and surface anomalies in key metrics
  

• Customer or support “data lookup” workflows: Given an account id or email, fetch relevant rows (usage, invoices, events) for support or sales enablement
  

• Automated reporting: Produce daily/weekly summaries by running a known set of queries and returning results in a structured format (tables, JSON), often for posting into docs or Slack

What are popular tools for Snowflake’s MCP server?

Here are some widely-used tools:

Databases

• <code class="blog_inline-code">list_databases</code>
• <code class="blog_inline-code">create_databases</code>
• <code class="blog_inline-code">alter_databases</code>
• <code class="blog_inline-code">drop_database</code>

Schemas

• <code class="blog_inline-code">list_schemas</code>
• <code class="blog_inline-code">create_schema</code>
• <code class="blog_inline-code">get_schema</code>
• <code class="blog_inline-code">drop_schema</code>

Roles

• <code class="blog_inline-code">create_role</code>
• <code class="blog_inline-code">list_roles</code>
• <code class="blog_inline-code">get_role</code>
• <code class="blog_inline-code">grant_role</code>

What makes Merge Agent Handler’s Snowflake MCP server better than alternative Snowflake MCP servers?

Here are just a few reasons:

• Unified authentication and credential management: Merge Agent Handler abstracts OAuth and API key handling, enabling secure, user-level or shared authentication without custom implementation
  

• Built-in security and DLP: Developers can enforce granular policies on tool usage and data access, helping ensure sensitive Snowflake data is protected during agent interactions
  

• Real-time observability and auditability: Agent Handler provides real-time monitoring of tool calls along with fully-searchable logs, enabling debugging, compliance audits, and performance tracking of Snowflake interactions
  

• Connector Studio for customization: Teams can modify or extend Snowflake tools without rebuilding integrations from scratch, allowing tailored workflows for specific use cases
  

• Evaluation Suite for pre-production validation: Developers can test Snowflake tool performance before deployment, reducing the risk of failures in production environments
  

Can I set custom security rules for Snowflake tool calls in Merge Agent Handler?

Yes, Merge Agent Handler supports granular security controls, including DLP policies, which allow you to define rules governing how agents interact with external systems like Snowflake.

Here are some rules you can set:

• Prevent PII leaks in ad hoc analytics. Block or redact Snowflake query inputs and outputs when they contain SSNs, credit card numbers, or other regulated identifiers

• Stop credential and secret exfiltration. Detect and block tool calls that include API keys, tokens, or passwords in prompts, SQL text, or returned results

• Allow “safe insights” while masking raw rows. Let queries run, but redact sensitive fields in the result set before the agent receives them

• Create an audit trail for compliance reviews. Log tool calls (without changing payloads) so security teams can investigate who queried what and when

• Add “step-up” controls for risky workflows. Block or gate tool calls that match high-risk patterns (for example, bulk exports or unusually broad queries) unless explicitly allowed

• Customize detections to your data model. Use custom regex rules to catch internal identifiers (like customer IDs, contract numbers, or proprietary tokens) that generic DLP rules might miss

How can I start using Merge Agent Handler’s Snowflake connector?

You can take these steps:

1. Create (or sign in to) an Agent Handler account, then open the dashboard where you can manage connectors and Tool Packs.

2. Create a Tool Pack for the workflow you want (e.g., “Snowflake analytics copilot”), since Tool Packs define which connectors and tools your agent can access.

3. Add the Snowflake connector to that Tool Pack and configure access using least-privilege permissions (via your Tool Pack configuration and RBAC/policies).

4. Create a Registered User (the identity your agent will execute tool calls as) and complete the Snowflake authentication flow when prompted.

5. Connect your agent runtime to Agent Handler (either via MCP or the SDK pattern) so your agent can discover tools by calling “list tools” and then execute Snowflake tool calls through Agent Handler.

6. Validate end-to-end behavior using the Tool Pack tester / Evaluation Suite, starting with low-risk read-only queries, then iterating until outputs are consistent.

7. Before production, configure security rules (DLP) and alerts to scan Snowflake tool inputs and outputs, and to block, redact, or log sensitive data patterns.