cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Data Engineering
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Access Databricks API using IDP token

costi9992
New Contributor III

‎01-16-2023 08:33 AM

Hello,

We have a databricks account & workspace, provided by AWS with SSO enabled.

Is there any way to access databricks workspace API ( jobs/clusters, etc ) using a token retrieved from IdentityProvider ?

We can access databricks workspace API with AD token only if we have our workspace provided by Azure, but for our AWS provided workspaces we didn't find anything in databricks documentation about using API without username & password.

Labels:
0 Kudos
2 REPLIES 2

Anonymous
Not applicable

‎04-10-2023 07:55 AM

@Costin Chiulan​ :

Yes, it is possible to use Identity Provider (IdP) tokens to authenticate and access the Databricks REST API for workspaces provided by AWS.

Databricks supports OAuth 2.0/OpenID Connect (OIDC) for identity management and authentication, which allows the use of tokens from external IdPs like AWS Cognito, Okta, Ping Identity, and others. You can configure Databricks to use your IdP as the identity provider and then obtain an access token for the authenticated user using the OAuth 2.0/OIDC flow.

Once you have obtained the access token, you can use it to authenticate and access the Databricks REST API by setting the Authorization header to Bearer <access-token> in your API requests. You can also use the Databricks CLI with the token to perform various operations on your Databricks workspace.

You can find more information on how to configure Databricks for OAuth 2.0/OIDC and how to obtain and use access tokens in the Databricks documentation.

0 Kudos

fpopa
New Contributor II

‎02-28-2024 12:19 PM

Hey - Costin and Anonymous user, have you managed to get this working, do you have examples by any chance?

I'm also trying something similar but I haven't been able to make it work.
authenticate and access the Databricks REST API by setting the Authorization header to Bearer <access-token> in your API requests
Is this <access-token> the one you get when logging in against the IdP or is it a different token?

I've configured Okta OIDC against a web app I'm working on as well as against Databricks. I get an access token from Okta but when I try to interact with the Databricks API using it, it doesn't work.
The response Databricks returns is: "Invalid Token", tried using both the REST API as well as the CLI.

context: I'm using Okta OIDC with Databricks on AWS

0 Kudos
Announcements
Welcome to Databricks Community: Lets learn, network and celebrate together

Join our fast-growing data practitioner and expert community of 80K+ members, ready to discover, help and collaborate together while making meaningful connections. 

Click here to register and join today! 

Engage in exciting technical discussions, join a group with your peers and meet our Featured Members.