https://community.databricks.com/t5/data-engineering/list-workspace-permissions-should-return-identity/m-p/140318#M51381 <P>Hello&nbsp;<a href="https://community.databricks.com/t5/user/viewprofilepage/user-id/198598">@GijsR</a>!</P> <P>To view the identities assigned to permissions for that workspace, use:<BR /><EM>/api/2.0/accounts/{account_id}/workspaces/{workspace_id}/permissionassignments</EM><BR />This endpoint returns the actual users, groups, and service principals mapped to each permission.<BR /><BR /><A href="https://docs.databricks.com/api/account/workspaceassignment/list" target="_blank">https://docs.databricks.com/api/account/workspaceassignment/list</A></P> Tue, 25 Nov 2025 14:39:20 GMT Advika 2025-11-25T14:39:20Z https://community.databricks.com/t5/data-engineering/list-workspace-permissions-should-return-identity/m-p/139984#M51325 <P>Hi there,</P><P>Looking through the documentation, I noticed the&nbsp;<SPAN>/api/2.0/accounts/{account_id}/workspaces/{workspace_id}/permissionassignments/permissions only returns the permissions but not the identity assigned the permission. This would be helpful for scenarios to capture what current permissions are assigned.</SPAN></P> Sat, 22 Nov 2025 02:44:36 GMT https://community.databricks.com/t5/data-engineering/list-workspace-permissions-should-return-identity/m-p/139984#M51325 GijsR 2025-11-22T02:44:36Z https://community.databricks.com/t5/data-engineering/list-workspace-permissions-should-return-identity/m-p/140318#M51381 <P>Hello&nbsp;<a href="https://community.databricks.com/t5/user/viewprofilepage/user-id/198598">@GijsR</a>!</P> <P>To view the identities assigned to permissions for that workspace, use:<BR /><EM>/api/2.0/accounts/{account_id}/workspaces/{workspace_id}/permissionassignments</EM><BR />This endpoint returns the actual users, groups, and service principals mapped to each permission.<BR /><BR /><A href="https://docs.databricks.com/api/account/workspaceassignment/list" target="_blank">https://docs.databricks.com/api/account/workspaceassignment/list</A></P> Tue, 25 Nov 2025 14:39:20 GMT https://community.databricks.com/t5/data-engineering/list-workspace-permissions-should-return-identity/m-p/140318#M51381 Advika 2025-11-25T14:39:20Z https://community.databricks.com/t5/data-engineering/list-workspace-permissions-should-return-identity/m-p/140324#M51384 <P>Hello <a href="https://community.databricks.com/t5/user/viewprofilepage/user-id/198598">@GijsR</a>&nbsp;,</P> <P>For “who has what” today, the most reliable alternatives are the system tables and Unity Catalog information schema views, which do include principals. You can use the information_schema to list the current grants&nbsp;the principals (GRANTEE) for catalogs, schemas, tables, views, volumes, etc.These views return identities and privilege types, and the system-level information schema lets you query across the whole metastore.<BR />Ref Doc -&nbsp;<A href="https://docs.databricks.com/aws/en/sql/language-manual/sql-ref-information-schema" target="_blank">https://docs.databricks.com/aws/en/sql/language-manual/sql-ref-information-schema</A></P> <P>You can also use the system-level information schema lets you query across the whole metastore.<BR />the system.access.audit table to capture permission-update events and ACL changes (including user_name, group_name, and permission_level) for workspace apps and other securables; this is event-oriented but can be used to reconstruct or monitor permission assignments over time.<BR />Ref Doc -&nbsp;<A href="https://docs.databricks.com/aws/en/admin/system-tables/audit-logs" target="_blank">https://docs.databricks.com/aws/en/admin/system-tables/audit-logs</A></P> Tue, 25 Nov 2025 18:00:52 GMT https://community.databricks.com/t5/data-engineering/list-workspace-permissions-should-return-identity/m-p/140324#M51384 iyashk-DB 2025-11-25T18:00:52Z https://community.databricks.com/t5/data-engineering/list-workspace-permissions-should-return-identity/m-p/140356#M51397 <P>I'll give this one a try. Thanks, Advika, for the response!</P> Wed, 26 Nov 2025 02:14:10 GMT https://community.databricks.com/t5/data-engineering/list-workspace-permissions-should-return-identity/m-p/140356#M51397 GijsR 2025-11-26T02:14:10Z