Alation Cloud Service Applies to Alation Cloud Service instances of Alation
Customer Managed Applies to customer-managed instances of Alation
To configure the use of Compose with your Google BigQuery OCF data source, go to the Compose tab on the Settings page of your Snowflake OCF data source. For more details, see Configure Compose for OCF Data Sources.
To configure authentication for Compose, query forms, dynamic sampling and profiling, and data upload, perform the configuration described below.
This configuration assumes that you have created an OAuth client for Alation and added a redirect URL for Compose as is described in the Configure OAuth Authentication section of Configure Connection to Data Source.
To enable Compose and other features that use user-initiated connections for your data source:
Enable Compose for your data source by enabling the Enabled in Compose toggle.
Select the Enable OAuth 2.0 in Compose checkbox under the section OAuth Connection. The user interface will display the relevant configuration fields.
Specify the OAuth client ID.
Specify the OAuth client secret.
Request Refresh Tokens
Select this checkbox to enable requests for refresh tokens. Refresh tokens are issued to the client by the authorization server and are used to obtain a new access token when the current access token expires.
PKCE is a way to make a token request more secure. Optional property. Select if available.
Specify the authorization endpoint to be used to obtain an authorization grant after a user authorizes a client with Google BigQuery.
Token Request Endpoint
This endpoint returns access tokens or refresh tokens depending on the request parameters.
Use the following values:
openid email https://www.googleapis.com/auth/bigquery
The values are separated by a space.
Property of the top-level JSON attribute in the authorization server response to a token request that contains the identity of the authorized user.
Make sure to select the JWT checkbox after filling this field.
For most authorization servers, access tokens are issued as a JWT.
When this checkbox is selected, the access token is parsed as a JWT and the username information is extracted as a claim from the token.
When this checkbox is left unselected, Alation attempts to extract the username information as a top-level attribute of the JSON response returned from the authorization server upon token request.
Access token parameter name
Use the value
Use the value
After providing the OAuth configuration information, either edit the default Compose URI or add a new OAuth-enabled URI using one of the formats below.
bigquery://https://www.googleapis.com/bigquery/v2:443;ProjectId=<Your Project Name>;QueryDialect=SQL;TimeOut=60;OAuthType=2
Some Google BigQuery environments require the service account ID in the Compose URL. If that is the case, use this format:
bigquery://https://www.googleapis.com/bigquery/v2:443;ProjectId=<Your Project Name>;QueryDialect=SQL;TimeOut=60;OAuthType=2;OAuthServiceAcctEmail=<Service Account ID>
Legacy SQL is supported: QueryDialect=BIG_QUERY.
Click Save to save the information you entered.
For other configuration options on the Compose tab, refer to Configure Compose for OCF Data Sources.
When you create temporary tables (TEMP tables) on Google BigQuery using Compose, ensure that you enclose the query within BEGIN and END statements. For example:
BEGIN CREATE TEMP TABLE _SESSION.V_TEST AS SELECT * from `ostk-gcp-ostkedwviews-prod.edw_access_views.ostk_cal`; END