Hi, I'm setting up an OAUTH connection to Snowflake on our Qlik Cloud instance. I've set up OAUTH for snowflake for other products and it is working as expected but I can't get the Qlik Cloud connection to work at the step where I authenticate the first time building the connection. I've followed the instructions in this post: https://community.qlik.com/t5/Official-Support-Articles/Qlik-Cloud-Qlik-Snowflakes-Connector-using-O...
That post links to the snowflake document that I've used for the other OAUTH connections but the directions for Qlik Cloud require a redirect URI. We created a new Entra Resource and Client application as per the snowflake document and put the redirect URI (https://connector.qlik.com/auth/oauth/v2.htm) in each.
Does the snowflake security integration require this as well? The document isn't clear and doesn't show an example. I'm currently getting the following error when it tries to do the authenticate:
error_description = AADSTS500011: The resource principal named api:/ was not found in the tenant named ********-****-****-****-************. I removed the actual tenant value.
This seems to be a problem with the scope parameter since the error message says "api:/: and the value is api://********-****-****-****-************, (again removed actual value) which is what I put in for the scope on other OAUTH configurations to Snowflake that work.
The scope should be set to the APPLICATION ID URI (api://.........), which should be exposed from the Snowflake OAuth Resource's 'Expose an API' feature in Azure Active Directory (AAD) tenant.
You'll likely also have to make sure the security integration created in Snowflake includes your tenant ID & application ID URL. This is essential to make sure wan make AAD recognize the token request for the Snowflake service.
