https://community.databricks.com/t5/get-started-discussions/accessing-tenantid-via-secret-to-connect-to-azure-data-lake/m-p/41128#M777 <P>Hello,</P><P>I'm following instructions in this <A href="http://Connect%20to Azure Data Lake Storage Gen2 and Blob Storage" target="_self">article</A> to connect to ADLS gen2 using Azure service principal. I can access service principal's app id and secret via Databricks key vault backed secret scope. However, this doesn't work for directory-id and I have to hard code it and then the connection to storage works.</P><P>If we were to add this config on the cluster, is there a way to not hard code directory-id?</P><P>Thanks,</P><P>Kalyani</P><P>&nbsp;</P><P>&nbsp;</P> Wed, 23 Aug 2023 10:41:50 GMT kp12 2023-08-23T10:41:50Z https://community.databricks.com/t5/get-started-discussions/accessing-tenantid-via-secret-to-connect-to-azure-data-lake/m-p/41128#M777 <P>Hello,</P><P>I'm following instructions in this <A href="http://Connect%20to Azure Data Lake Storage Gen2 and Blob Storage" target="_self">article</A> to connect to ADLS gen2 using Azure service principal. I can access service principal's app id and secret via Databricks key vault backed secret scope. However, this doesn't work for directory-id and I have to hard code it and then the connection to storage works.</P><P>If we were to add this config on the cluster, is there a way to not hard code directory-id?</P><P>Thanks,</P><P>Kalyani</P><P>&nbsp;</P><P>&nbsp;</P> Wed, 23 Aug 2023 10:41:50 GMT https://community.databricks.com/t5/get-started-discussions/accessing-tenantid-via-secret-to-connect-to-azure-data-lake/m-p/41128#M777 kp12 2023-08-23T10:41:50Z https://community.databricks.com/t5/get-started-discussions/accessing-tenantid-via-secret-to-connect-to-azure-data-lake/m-p/41172#M783 <P>Hi&nbsp;<a href="https://community.databricks.com/t5/user/viewprofilepage/user-id/9">@Retired_mod</a>&nbsp;, Thanks for the prompt reply. As per the document, the syntax is the text highlighted in red below for accessing keys from secret scope in spark config. I used the same for app id too and that works. But I if use the same syntax for tenant id i.e., directory-id, it doesn't work.&nbsp;Hardcoding directory-id works.</P><P>I'm hardcoding storage account name too. Haven't tested accessing it via secret scope.</P><P>I'm adding this config on the cluster, so would&nbsp;<SPAN>dbutils.secrets.get work in spark config?&nbsp;</SPAN></P><P>fs.azure.account.auth.type.&lt;storage-account&gt;.dfs.core.windows.net OAuth<BR />fs.azure.account.oauth.provider.type.&lt;storage-account&gt;.dfs.core.windows.net org.apache.hadoop.fs.azurebfs.oauth2.ClientCredsTokenProvider<BR />fs.azure.account.oauth2.client.id.&lt;storage-account&gt;.dfs.core.windows.net &lt;application-id&gt;<BR />fs.azure.account.oauth2.client.secret.&lt;storage-account&gt;.dfs.core.windows.net <FONT color="#FF0000">{{secrets/&lt;secret-scope&gt;/&lt;service-credential-key&gt;}}</FONT><BR />fs.azure.account.oauth2.client.endpoint.&lt;storage-account&gt;.dfs.core.windows.net <A href="https://login.microsoftonline.com/" target="_blank">https://login.microsoftonline.com/</A>&lt;directory-id&gt;/oauth2/token</P> Wed, 23 Aug 2023 13:58:34 GMT https://community.databricks.com/t5/get-started-discussions/accessing-tenantid-via-secret-to-connect-to-azure-data-lake/m-p/41172#M783 kp12 2023-08-23T13:58:34Z