cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Help
Administration & Architecture
Explore discussions on Databricks administration, deployment strategies, and architectural best practices. Connect with administrators and architects to optimize your Databricks environment for performance, scalability, and security.
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

How to Query All the users who have access to a databricks workspace?

pranav_
New Contributor

yesterday

Hi There,

I'm new to Databricks and we currently have a lot of users among different groups having access to a databricks workspace. I would like to know how I could query the users, groups and Entitlements of each groups using SQL or the API. Incase of API, I could use some help to point me towards how to use the API.

Thanks in advance!!!

0 Kudos
1 REPLY 1

tejaskelkar
New Contributor

yesterday

To query all users who have access to a Databricks workspace, you can follow these steps:

1. Check Workspace Users via Admin Console

  • If you are a workspace admin, navigate to the Admin Console in the Databricks UI. Under the "Users" tab, you can view all users who have been added to the workspace and their roles (e.g., workspace admin, user, or service principal).

2. Query Unity Catalog for Access Information

  • If your workspace is enabled for Unity Catalog, you can use SQL queries to check access privileges for users. For example:

     
    sql
    SELECT * FROM information_schema.role_authorizations WHERE principal_type = 'USER';

    This query retrieves all users and their associated roles in Unity Catalog.

3. List Users via SCIM API

  • Use the Databricks SCIM API to programmatically retrieve a list of users in the workspace. For example:

     
    bash
    curl -X GET \ -H "Authorization: Bearer <your-access-token>" \ https://<databricks-instance>/api/2.0/preview/scim/v2/Users

    This will return a JSON object containing user details, including their roles and group memberships.

4. Check Default Privileges in Unity Catalog

  • By default, all workspace users receive certain privileges (e.g., USE CATALOG) on the default schema of the Unity Catalog metastore. You can query these privileges using:

     
    sql
    SHOW GRANTS ON CATALOG default;

    This will display all users and groups with access to the default catalog.

5. Audit Logs for User Activity

  • If you need to verify which users have accessed specific data or performed actions in the workspace, enable and review audit logs. These logs can provide detailed insights into user activities across the workspace37.

By combining these methods, you can comprehensively identify all users who have access to your Databricks workspace and their respective roles or privileges.

Here are some additional resources/documentation that might be helpful:

0 Kudos

Connect with Databricks Users in Your Area

Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you won’t want to miss the chance to attend and share knowledge.

If there isn’t a group near you, start one and help create a community that brings people together.

Request a New Group
Announcements
Top