cancel
Showing results forย 
Search instead forย 
Did you mean:ย 
Community Platform Discussions
Connect with fellow community members to discuss general topics related to the Databricks platform, industry trends, and best practices. Share experiences, ask questions, and foster collaboration within the community.
cancel
Showing results forย 
Search instead forย 
Did you mean:ย 

How to change the OAuth token lifetime and the maximum number of OAuth tokens

minhngc4795
New Contributor II

Hi team,

Iโ€™m working on generating an OAuth token using a service principal, following the instructions here: https://docs.databricks.com/en/dev-tools/auth/oauth-m2m.html#language-CLI, specifically the section on manually generating a workspace-level access token with the API (https://<databricks-instance>/oidc/v1/token).

However, I've encountered two issues:

  1. Iโ€™m unable to customize the token expiration time. Iโ€™ve tried parameters like lifetime_seconds and expires_in, but they donโ€™t seem to work. Could you clarify the correct parameter to use for setting a custom token lifetime?

  2. If the token expiration is indeed fixed at 1 hour, what is the maximum number of OAuth tokens that can be generated within my workspace or account? (within 1 hour or 1 day)

Thanks in advance for your help!

4 REPLIES 4

szymon_dybczak
Contributor III

Thank you for your reply @szymon_dybczak 

However, I can't use those APIs with my current state. So I followed the website, and got only the Client ID (Application ID) and Client Secret for the Workspace level access.

Try to reproduce your link but not works for me. Non Authorization for Client ID + Client Secret 

Hi, 

But why can't you use these APIs? To make it work your service principal needs to be added to your databricks workkspace and be added to admins group.There is no other way to change Oauth token liftetime than using this API

minhngc4795
New Contributor II

Thank you for your reply @szymon_dybczak 

service principal added to admins group: This is the problem @szymon_dybczak, we don't want that service principal to get the admin privilege, it should have access to some tables/schemas in our workspace but not all of them.

Connect with Databricks Users in Your Area

Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you wonโ€™t want to miss the chance to attend and share knowledge.

If there isnโ€™t a group near you, start one and help create a community that brings people together.

Request a New Group