Databricks Community

NarenderKumar · ‎05-14-2024

I am trying to generate PAT for a service principle.
I am following the documentation as shown below:
https://docs.databricks.com/en/dev-tools/auth/oauth-m2m.html#create-token-in-account

I have prepared the below curl command:

I am getting below error:

Please help me to create the curl command that can generate the PAT

NarenderKumar · ‎05-19-2024

I was able to generate the workspace level token using the databricks cli.

I set the following details in the databricks cli profile(.databrickscfg) file:

host = https://myworksapce.azuredatabricks.net/

account_id = (my db account id)

client_id = (my sp client id)

client_secret = (generated from databricks worksapce)

After setting these, I ran the following command and generated the token:

databricks tokens create --lifetime-seconds 157680000

View solution in original post

Kaniz_Fatma · ‎05-15-2024

Hi @NarenderKumar, Here’s a general example of how you might use a curl command to generate a Personal Access Token (PAT) for a service principal in Azure Databricks:

curl --location --request POST 'https://<databricks-workspace-url>/api/2.0/token/create' \
--header 'Authorization: Bearer <bearer-token>' \
--header 'Content-Type: application/json' \
--data-raw '{
    "lifetime_seconds": <lifetime-in-seconds>,
    "comment": "<comment>"
}'

In this command:

Replace <databricks-workspace-url> with your Databricks workspace URL.
Replace <bearer-token> with your bearer token.
Replace <lifetime-in-seconds> with the desired lifetime of the token in seconds.
Replace <comment> with a comment that helps you identify this token in the future.

Please note that this is a general example and you might need to adjust it based on your specific re...¹ ² ³.

Also, remember to store your generated PAT in a secure location and do not share it with others ¹. If you lose the PAT, you cannot regenerate the same token and you will need to create a new one ¹. If you believe that the token has been compromised, it is strongly recommended that you immediately ...¹.

Let me know if you need further assistance! 😊

NarenderKumar · ‎05-15-2024

Hi @Kaniz_Fatma Thank you for the details.

1. The command that you have shared takes token in the header, but the command that I am trying to use is to generate the token for a service principle

2. The command shared by you is not taking a client id and client secret. so how can we generate it for a service principle

3. we can generated tokens at the account level and workspace level. The command shared by you is at workspace level not at the account level.

Please help me if you know how to generate PAT for a service principle at the account level.

NarenderKumar · ‎05-19-2024

I was able to generate the workspace level token using the databricks cli.

I set the following details in the databricks cli profile(.databrickscfg) file:

host = https://myworksapce.azuredatabricks.net/

account_id = (my db account id)

client_id = (my sp client id)

client_secret = (generated from databricks worksapce)

After setting these, I ran the following command and generated the token:

databricks tokens create --lifetime-seconds 157680000

Databricks Community

Unable to generate account level PAT for service principle

🔔 ALERT: Act Now to Protect Your Community Account; Secure Your Details Before It's Too Late!

Databricks Learning Festival (Virtual): 10 July - 24 July 2024

Data + AI Summit 2024: An Executive Summary for Data Leaders

Big Data Is Back and Is More Important Than AI