โ10-04-2024 11:20 AM
I am working on a notebook to help me create Azure Databricks Groups. When I create a group in a workspace using the UI, it automatically creates the group at the account level and links them. When I create a group using the API, and I create the workspace group, it creates it as a local group to the workspace. Using a different API, I was able to create the group at the account level. I have not found the API so I can do the exact same thing that happens in the UI. Any suggestions?
โ10-04-2024 01:29 PM
Hi @Derek_Czarny ,
Unfortunately, there is no single endpoint that replicates what you can do in the UI. But you can achieve the same with following approach:
- create group at account level using below endpoint:
https://docs.databricks.com/api/account/accountgroups/create
- associate this group with workspace using below endpoint
https://docs.databricks.com/api/account/workspaceassignment/update
โ10-04-2024 01:29 PM
Hi @Derek_Czarny ,
Unfortunately, there is no single endpoint that replicates what you can do in the UI. But you can achieve the same with following approach:
- create group at account level using below endpoint:
https://docs.databricks.com/api/account/accountgroups/create
- associate this group with workspace using below endpoint
https://docs.databricks.com/api/account/workspaceassignment/update
โ10-15-2024 07:40 AM
I am finally able to circle back to this. I can create the account group just fine. When I go to create the workspace group, I keep getting an error message:
Response: {"error_code":"ENDPOINT_NOT_FOUND","message":"No API found for 'POST /accounts/[REDACTED]/workspaces/[REDACTED]/permissionassignments/principals/[REDACTED]'"
โ10-15-2024 10:45 AM
Hi @Derek_Czarny ,
I guess you're using wrong http method. You should use PUT method instead POST.
โ10-15-2024 11:20 AM
That was it, thank you. I was looking at the wrong details. I really appreciate it.
โ10-15-2024 12:11 PM
Cool, I'm happy that it worked for you
โ06-18-2025 08:16 AM
I have a couple of questions regarding the Token to achieve this, If I create a workspace PAT token, is it limited to only the workspace or all the workspaces I have access to. And Do my account admin privileges translated to the PAT token I create in the workspace?
Also how to create an account level access token?
โ06-18-2025 09:17 AM
@pranav5 - Workspace tokens are scoped to the workspace it was created for. A workspace token for "dev" cannot be used in a different workspace and a new token is required for each one. Depending on how you have user identities setup, account level tokens can either be generated in the Account portal or if integrated in something like Entra Id (via SCIM), you generate tokens from the authentication provider.
โ06-19-2025 01:22 AM
Thanks for this, But I have account admin access and would my workspace token also inherit that or workspace and account admin are segregated meaning, I can't use my account admin privileges at the workspace level, account admin privileges can only affect at the account side?
Passionate about hosting events and connecting people? Help us grow a vibrant local communityโsign up today to get started!
Sign Up Now