cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Help
Administration & Architecture
Explore discussions on Databricks administration, deployment strategies, and architectural best practices. Connect with administrators and architects to optimize your Databricks environment for performance, scalability, and security.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 

How to Query All the users who have access to a databricks workspace?

pranav_
New Contributor

โ€Ž03-19-2025 07:46 AM

Hi There,

I'm new to Databricks and we currently have a lot of users among different groups having access to a databricks workspace. I would like to know how I could query the users, groups and Entitlements of each groups using SQL or the API. Incase of API, I could use some help to point me towards how to use the API.

Thanks in advance!!!

0 Kudos
1 REPLY 1

tejaskelkar
New Contributor II

โ€Ž03-19-2025 09:02 AM

To query all users who have access to a Databricks workspace, you can follow these steps:

1. Check Workspace Users via Admin Console

  • If you are a workspace admin, navigate to the Admin Console in the Databricks UI. Under the "Users" tab, you can view all users who have been added to the workspace and their roles (e.g., workspace admin, user, or service principal).

2. Query Unity Catalog for Access Information

  • If your workspace is enabled for Unity Catalog, you can use SQL queries to check access privileges for users. For example:

     
    sql
    SELECT * FROM information_schema.role_authorizations WHERE principal_type = 'USER';

    This query retrieves all users and their associated roles in Unity Catalog.

3. List Users via SCIM API

  • Use the Databricks SCIM API to programmatically retrieve a list of users in the workspace. For example:

     
    bash
    curl -X GET \ -H "Authorization: Bearer <your-access-token>" \ https://<databricks-instance>/api/2.0/preview/scim/v2/Users

    This will return a JSON object containing user details, including their roles and group memberships.

4. Check Default Privileges in Unity Catalog

  • By default, all workspace users receive certain privileges (e.g., USE CATALOG) on the default schema of the Unity Catalog metastore. You can query these privileges using:

     
    sql
    SHOW GRANTS ON CATALOG default;

    This will display all users and groups with access to the default catalog.

5. Audit Logs for User Activity

  • If you need to verify which users have accessed specific data or performed actions in the workspace, enable and review audit logs. These logs can provide detailed insights into user activities across the workspace37.

By combining these methods, you can comprehensively identify all users who have access to your Databricks workspace and their respective roles or privileges.

Here are some additional resources/documentation that might be helpful:

0 Kudos

Join Us as a Local Community Builder!

Passionate about hosting events and connecting people? Help us grow a vibrant local communityโ€”sign up today to get started!

Sign Up Now
Announcements