Snowflake managed MCP servers expose Cortex Search, Cortex Analyst, SQL execution, and Cortex Agents. Create the MCP server in Snowflake, grant access, and register its URL in TrueFoundry.

Prerequisites

  • A TrueFoundry account with permission to add MCP servers.
  • Snowflake ACCOUNTADMIN or SYSADMIN privileges.
  • At least one Cortex resource or warehouse to expose.

Create the MCP Server in Snowflake

Run SQL like the following, keeping only the tools you need:

CREATE OR REPLACE MCP SERVER my_mcp_server
  FROM SPECIFICATION $$
    tools:
      - name: "search-tool"
        type: "CORTEX_SEARCH_SERVICE_QUERY"
        identifier: "MY_DB.MY_SCHEMA.MY_SEARCH_SERVICE"
        description: "Search documents in Snowflake"
      - name: "sql-tool"
        type: "SYSTEM_EXECUTE_SQL"
        description: "Execute SQL queries"
        config:
          read_only: true
          warehouse: "MY_WAREHOUSE"
  $$;

Grant USAGE on the MCP server and on each underlying Cortex resource or warehouse to the roles that should use it.

Create OAuth Credentials

Create a Snowflake OAuth security integration with the TrueFoundry callback URL:

CREATE OR REPLACE SECURITY INTEGRATION tfy_oauth
  TYPE = OAUTH
  OAUTH_CLIENT = CUSTOM
  ENABLED = TRUE
  OAUTH_CLIENT_TYPE = 'CONFIDENTIAL'
  OAUTH_REDIRECT_URI = 'https://<tfy-control-plane-base-url>/api/svc/v1/llm-gateway/mcp-servers/oauth2/callback';

Retrieve the client credentials:

SELECT SYSTEM$SHOW_OAUTH_CLIENT_SECRETS('TFY_OAUTH');

Register in TrueFoundry

The Snowflake MCP URL has this format:

https://<account_url>/api/v2/databases/<database>/schemas/<schema>/mcp-servers/<server_name>

Add it as a remote OAuth2 MCP server and paste the Snowflake OAuth Client ID and Client Secret. Users should open the server’s Tools section and click Connect Now; after OAuth succeeds, Snowflake tools appear and can be tried from the Agent Playground. Each user operates under their Snowflake RBAC permissions.

Security Notes

Use read_only: true for SQL tools unless agents must write data. Grant access to underlying Cortex resources separately; access to the MCP server alone is not enough.
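
A pre-deployment check for the read_only guidance above, as an added example (not TrueFoundry or Snowflake code): it pulls the specification out of a CREATE MCP SERVER statement and lists every SYSTEM_EXECUTE_SQL tool that does not explicitly set read_only: true. The function names, the extra sql-admin-tool entry in the sample, and the assumption that each tool entry begins with a "- name:" line (as in the statement on this page) are constructed for illustration.

```python
import re

# Constructed sample: the page's statement plus one SQL tool that omits read_only.
SAMPLE_DDL = '''
CREATE OR REPLACE MCP SERVER my_mcp_server
  FROM SPECIFICATION $$
    tools:
      - name: "search-tool"
        type: "CORTEX_SEARCH_SERVICE_QUERY"
        identifier: "MY_DB.MY_SCHEMA.MY_SEARCH_SERVICE"
      - name: "sql-tool"
        type: "SYSTEM_EXECUTE_SQL"
        config:
          read_only: true
          warehouse: "MY_WAREHOUSE"
      - name: "sql-admin-tool"
        type: "SYSTEM_EXECUTE_SQL"
        config:
          warehouse: "MY_WAREHOUSE"
  $$;
'''

SPEC_RE = re.compile(r"FROM\s+SPECIFICATION\s+\$\$(.*?)\$\$", re.S | re.I)
ITEM_RE = re.compile(r"^\s*-\s+name:", re.M)  # assumption: "- name:" opens each tool
KEY_RE = r'^\s*(?:-\s+)?{}:\s*"?([^"\n#]+?)"?\s*$'

def field(block, key):
    """Return the scalar value of `key` inside one tool block, or None."""
    m = re.search(KEY_RE.format(re.escape(key)), block, re.M)
    return m.group(1).strip() if m else None

def writable_sql_tools(ddl):
    """Names of SYSTEM_EXECUTE_SQL tools that do not set read_only: true."""
    spec = SPEC_RE.search(ddl)
    if spec is None:
        raise ValueError("no FROM SPECIFICATION $$...$$ body found")
    body = spec.group(1)
    starts = [m.start() for m in ITEM_RE.finditer(body)] + [len(body)]
    findings = []
    for begin, end in zip(starts, starts[1:]):
        block = body[begin:end]
        if field(block, "type") != "SYSTEM_EXECUTE_SQL":
            continue  # only SQL execution tools carry the read_only setting
        if (field(block, "read_only") or "").lower() != "true":
            findings.append(field(block, "name"))
    return findings

if __name__ == "__main__":
    print(writable_sql_tools(SAMPLE_DDL))
```

An absent read_only key is reported the same way as read_only: false, so a tool passes only when the setting is stated explicitly.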