Configure Compose

Alation Cloud Service Applies to Alation Cloud Service instances of Alation

Customer Managed Applies to customer-managed instances of Alation

To configure the use of Compose with your Google BigQuery OCF data source, go to the Compose tab on the Settings page of your Snowflake OCF data source. For more details, see Configure Compose for OCF Data Sources.

To configure authentication for Compose, query forms, dynamic sampling and profiling, and data upload, perform the configuration described below.

This configuration assumes that you have created an OAuth client for Alation and added a redirect URL for Compose as is described in the Configure OAuth Authentication section of Configure Connection to Data Source.

To enable Compose and other features that use user-initiated connections for your data source:

  1. Enable Compose for your data source by enabling the Enabled in Compose toggle.

  2. Select the Enable OAuth 2.0 in Compose checkbox under the section OAuth Connection. The user interface will display the relevant configuration fields.




Client ID

Specify the OAuth client ID.

Client Secret

Specify the OAuth client secret.

Request Refresh Tokens

Select this checkbox to enable requests for refresh tokens. Refresh tokens are issued to the client by the authorization server and are used to obtain a new access token when the current access token expires.

Enable PKCE

PKCE is a way to make a token request more secure. Optional property. Select if available.

Authorization Endpoint

Specify the authorization endpoint to be used to obtain an authorization grant after a user authorizes a client with Google BigQuery.

Use value:

Token Request Endpoint

This endpoint returns access tokens or refresh tokens depending on the request parameters.

Use value:

Default Scope

Use the following values:

openid email

The values are separated by a space.

Refresh Scope

The Refresh Scope field becomes available if the Request Refresh Tokens checkbox is selected.

Enter the value offline_access (allows the authentication flow to acquire new access tokens when the current ones expire).

Username field/claim

Property of the top-level JSON attribute in the authorization server response to a token request that contains the identity of the authorized user.

Use value email.

Make sure to select the JWT checkbox after filling this field.


For most authorization servers, access tokens are issued as a JWT.

When this checkbox is selected, the access token is parsed as a JWT and the username information is extracted as a claim from the token.

When this checkbox is left unselected, Alation attempts to extract the username information as a top-level attribute of the JSON response returned from the authorization server upon token request.

Access token parameter name

Use the value OAuthAccessToken.

OAuth Enablers

Use the value OAuthType=2.

  1. After providing the OAuth configuration information, either edit the default Compose URI or add a new OAuth-enabled URI using one of the formats below.

    bigquery://;ProjectId=<Your Project Name>;QueryDialect=SQL;TimeOut=60;OAuthType=2

    Some Google BigQuery environments require the service account ID in the Compose URL. If that is the case, use this format:

    bigquery://;ProjectId=<Your Project Name>;QueryDialect=SQL;TimeOut=60;OAuthType=2;OAuthServiceAcctEmail=<Service Account ID>


    Legacy SQL is supported: QueryDialect=BIG_QUERY.

  2. Click Save to save the information you entered.

For other configuration options on the Compose tab, refer to Configure Compose for OCF Data Sources.


When you create temporary tables (TEMP tables) on Google BigQuery using Compose, ensure that you enclose the query within BEGIN and END statements. For example:


SELECT * from `ostk-gcp-ostkedwviews-prod.edw_access_views.ostk_cal`;