Configure Compose¶
Alation Cloud Service Applies to Alation Cloud Service instances of Alation
Customer Managed Applies to customer-managed instances of Alation
To configure the use of Compose with your Google BigQuery OCF data source, go to the Compose tab on the Settings page of your Snowflake OCF data source. For more details, see Configure Compose for OCF Data Sources.
To configure authentication for Compose, query forms, dynamic sampling and profiling, and data upload, perform the configuration described below.
This configuration assumes that you have created an OAuth client for Alation and added a redirect URL for Compose as is described in the Configure OAuth Authentication section of Configure Connection to Data Source.
To enable Compose and other features that use user-initiated connections for your data source:
Enable Compose for your data source by enabling the Enabled in Compose toggle.
Select the Enable OAuth 2.0 in Compose checkbox under the section OAuth Connection. The user interface will display the relevant configuration fields.
Parameter
Description
Client ID
Specify the OAuth client ID.
Client Secret
Specify the OAuth client secret.
Request Refresh Tokens
Select this checkbox to enable requests for refresh tokens. Refresh tokens are issued to the client by the authorization server and are used to obtain a new access token when the current access token expires.
Enable PKCE
PKCE is a way to make a token request more secure. Optional property. Select if available.
Authorization Endpoint
Specify the authorization endpoint to be used to obtain an authorization grant after a user authorizes a client with Google BigQuery.
Use value:
https://accounts.google.com/o/oauth2/v2/auth
Token Request Endpoint
This endpoint returns access tokens or refresh tokens depending on the request parameters.
Use value:
https://oauth2.googleapis.com/token
Default Scope
Use the following values:
openid email https://www.googleapis.com/auth/bigquery
The values are separated by a space.
Refresh Scope
The Refresh Scope field becomes available if the Request Refresh Tokens checkbox is selected.
Enter the value
offline_access
(allows the authentication flow to acquire new access tokens when the current ones expire).Username field/claim
Property of the top-level JSON attribute in the authorization server response to a token request that contains the identity of the authorized user.
Use value
Make sure to select the JWT checkbox after filling this field.
JWT
For most authorization servers, access tokens are issued as a JWT.
When this checkbox is selected, the access token is parsed as a JWT and the username information is extracted as a claim from the token.
When this checkbox is left unselected, Alation attempts to extract the username information as a top-level attribute of the JSON response returned from the authorization server upon token request.
Access token parameter name
Use the value
OAuthAccessToken
.OAuth Enablers
Use the value
OAuthType=2
.
After providing the OAuth configuration information, either edit the default Compose URI or add a new OAuth-enabled URI using one of the formats below.
bigquery://https://www.googleapis.com/bigquery/v2:443;ProjectId=<Your Project Name>;QueryDialect=SQL;TimeOut=60;OAuthType=2
Some Google BigQuery environments require the service account ID in the Compose URL. If that is the case, use this format:
bigquery://https://www.googleapis.com/bigquery/v2:443;ProjectId=<Your Project Name>;QueryDialect=SQL;TimeOut=60;OAuthType=2;OAuthServiceAcctEmail=<Service Account ID>
Note
Legacy SQL is supported: QueryDialect=BIG_QUERY.
Click Save to save the information you entered.
For other configuration options on the Compose tab, refer to Configure Compose for OCF Data Sources.
Note
When you create temporary tables (TEMP tables) on Google BigQuery using Compose, ensure that you enclose the query within BEGIN and END statements. For example:
BEGIN CREATE TEMP TABLE _SESSION.V_TEST AS SELECT * from `ostk-gcp-ostkedwviews-prod.edw_access_views.ostk_cal`; END