Expose Snowflake Cortex Agents to Microsoft Foundry

Connect your Snowflake Cortex Agents to Microsoft Foundry Agent Service, enabling Azure AI applications to leverage your Snowflake data and AI capabilities.

What This Does

┌─────────────────────┐         ┌──────────────────────┐         ┌─────────────────────┐
│   MS Foundry Agent  │  OAuth  │  Snowflake MCP       │  Tools  │  Cortex Agents      │
│   (Azure AI)        │◄───────►│  Server              │◄───────►│  (Your agents)      │
└─────────────────────┘         └──────────────────────┘         └─────────────────────┘

• Creates an MCP Server in Snowflake exposing your Cortex Agent(s)
• Sets up OAuth authentication between Azure and Snowflake
• Deploys a Foundry agent that can invoke your Cortex Agents as tools

Prerequisites

Snowflake

• One or more Cortex Agents already created
• ACCOUNTADMIN role (or custom role with CREATE MCP SERVER, CREATE SECURITY INTEGRATION)
• Warehouse for query execution

Azure

• Active Azure subscription
• Permissions to create Cognitive Services resources
• Azure CLI installed and logged in

Local Tools

# Azure CLI
az --version    # Requires 2.67.0+
az login

# Python with uv (for agent creation script)
uv --version    # Any recent version

Install uv if needed:

# macOS/Linux
curl -LsSf https://astral.sh/uv/install.sh | sh

# Or with pip
pip install uv

Quick Start

1. Find Your Cortex Agents

SHOW AGENTS IN ACCOUNT;

Note the DATABASE, SCHEMA, and AGENT names you want to expose.

2. Create MCP Server

Replace placeholders with your values:

USE ROLE ACCOUNTADMIN;

CREATE OR REPLACE MCP SERVER MY_DB.MY_SCHEMA.CORTEX_MCP_SERVER
  FROM SPECIFICATION $$
    tools:
      - title: "Sales Agent"
        name: "SALES_AGENT"
        type: "CORTEX_AGENT_RUN"
        identifier: "MY_DB.MY_SCHEMA.SALES_AGENT"
        description: "Agent for sales data queries"
      - title: "Support Agent"
        name: "SUPPORT_AGENT"
        type: "CORTEX_AGENT_RUN"
        identifier: "MY_DB.MY_SCHEMA.SUPPORT_AGENT"
        description: "Agent for customer support"
  $$;

-- Grant access
GRANT USAGE ON DATABASE MY_DB TO ROLE PUBLIC;
GRANT USAGE ON SCHEMA MY_DB.MY_SCHEMA TO ROLE PUBLIC;
GRANT USAGE ON MCP SERVER MY_DB.MY_SCHEMA.CORTEX_MCP_SERVER TO ROLE PUBLIC;
GRANT USAGE ON AGENT MY_DB.MY_SCHEMA.SALES_AGENT TO ROLE PUBLIC;
GRANT USAGE ON AGENT MY_DB.MY_SCHEMA.SUPPORT_AGENT TO ROLE PUBLIC;
GRANT USAGE ON WAREHOUSE MY_WH TO ROLE PUBLIC;

3. Create OAuth Integration

CREATE OR REPLACE SECURITY INTEGRATION FOUNDRY_MCP_OAUTH
    TYPE = OAUTH
    ENABLED = TRUE
    OAUTH_CLIENT = CUSTOM
    OAUTH_CLIENT_TYPE = 'CONFIDENTIAL'
    OAUTH_REDIRECT_URI = 'https://placeholder.example.com/callback'
    OAUTH_ISSUE_REFRESH_TOKENS = TRUE
    OAUTH_REFRESH_TOKEN_VALIDITY = 86400;

-- Get credentials (save these!)
SELECT SYSTEM$SHOW_OAUTH_CLIENT_SECRETS('FOUNDRY_MCP_OAUTH');

4. Create Azure Foundry Resources

# Set variables
RESOURCE_GROUP="my-foundry-rg"
LOCATION="eastus"
FOUNDRY_NAME="my-foundry-resource"  # Must be globally unique
PROJECT_NAME="my-project"

# Create resources
az group create --name $RESOURCE_GROUP --location $LOCATION

az cognitiveservices account create \
  --name $FOUNDRY_NAME \
  --resource-group $RESOURCE_GROUP \
  --kind AIServices \
  --sku s0 \
  --location $LOCATION \
  --allow-project-management

az cognitiveservices account update \
  --name $FOUNDRY_NAME \
  --resource-group $RESOURCE_GROUP \
  --custom-domain $FOUNDRY_NAME

az cognitiveservices account project create \
  --name $FOUNDRY_NAME \
  --resource-group $RESOURCE_GROUP \
  --project-name $PROJECT_NAME \
  --location $LOCATION

# Deploy model
az cognitiveservices account deployment create \
  --name $FOUNDRY_NAME \
  --resource-group $RESOURCE_GROUP \
  --deployment-name gpt-4.1-mini \
  --model-name gpt-4.1-mini \
  --model-version "2025-04-14" \
  --model-format OpenAI \
  --sku-capacity 10 \
  --sku-name Standard

5. Configure MCP Connection in Foundry Portal

1. Go to https://ai.azure.com
2. Select your project
3. Navigate to Build > Tools > Add Tool > Custom > Model Context Protocol
4. Enter:
   • Name: snowflake-cortex-mcp
   • Remote MCP Server endpoint: https://<ACCOUNT>.snowflakecomputing.com/api/v2/databases/<DATABASE>/schemas/<SCHEMA>/mcp-servers/CORTEX_MCP_SERVER
   • Authentication: Custom OAuth
   • Client ID: (from Step 3)
   • Client secret: (from Step 3)
   • Auth URL: https://<ACCOUNT>.snowflakecomputing.com/oauth/authorize
   • Token URL: https://<ACCOUNT>.snowflakecomputing.com/oauth/token-request
   • Refresh URL: https://<ACCOUNT>.snowflakecomputing.com/oauth/token-request
   • Scopes: session:role:PUBLIC
5. Click Connect and copy the Redirect URL shown

6. Update Snowflake OAuth

ALTER SECURITY INTEGRATION FOUNDRY_MCP_OAUTH 
    SET OAUTH_REDIRECT_URI = '<REDIRECT_URL_FROM_FOUNDRY>';

7. Create Foundry Agent

# Get project endpoint from portal or CLI
PROJECT_ENDPOINT="https://$FOUNDRY_NAME.services.ai.azure.com/api/projects/$PROJECT_NAME"

# Run the agent creation script
uv run --project /path/to/skill python /path/to/skill/scripts/create_foundry_agent.py \
  --project-endpoint "$PROJECT_ENDPOINT" \
  --agent-name "SnowflakeCortexAgent" \
  --model-deployment "gpt-4.1-mini" \
  --connection-name "snowflake-cortex-mcp"

8. Test

In Foundry Portal:

1. Go to Build > Agents
2. Select your agent
3. Send a message that should use your Cortex Agent
4. Approve the tool call when prompted

Troubleshooting

"Object does not exist"

-- Check MCP server exists
SHOW MCP SERVERS IN SCHEMA MY_DB.MY_SCHEMA;

-- Check grants
SHOW GRANTS ON MCP SERVER MY_DB.MY_SCHEMA.CORTEX_MCP_SERVER;

OAuth 401/403 errors

-- Verify redirect URL matches exactly
DESCRIBE SECURITY INTEGRATION FOUNDRY_MCP_OAUTH;

Azure resource creation fails

# Check provider registration
az provider register --namespace Microsoft.CognitiveServices
az provider show --namespace Microsoft.CognitiveServices --query "registrationState"

Agent can't find tools

• Verify connection name in agent matches the project connection name
• Check MCP server has tools defined with correct identifiers

Security Considerations

• Use custom roles instead of PUBLIC for production
• Rotate OAuth credentials periodically
• Monitor access via Snowflake ACCESS_HISTORY
• Restrict network using Snowflake Network Policies if needed

Cleanup

-- Snowflake
DROP MCP SERVER IF EXISTS MY_DB.MY_SCHEMA.CORTEX_MCP_SERVER;
DROP SECURITY INTEGRATION IF EXISTS FOUNDRY_MCP_OAUTH;

# Azure - delete entire resource group
az group delete --name my-foundry-rg --yes --no-wait

# Or delete just the agent via SDK/portal

Support

• Snowflake Docs: https://docs.snowflake.com/en/user-guide/snowflake-cortex/cortex-agents-mcp
• Azure Foundry Docs: https://learn.microsoft.com/en-us/azure/foundry/agents/how-to/tools/model-context-protocol
• MCP Authentication: https://learn.microsoft.com/en-us/azure/foundry/agents/how-to/mcp-authentication