Data Engineering
Join discussions on data engineering best practices, architectures, and optimization strategies within the Databricks Community. Exchange insights and solutions with fellow data engineers.

Access Databricks API using IDP token

costi9992
New Contributor III

Hello,

We have a Databricks account & workspace, provided by AWS with SSO enabled.

Is there any way to access the Databricks workspace API (jobs/clusters, etc.) using a token retrieved from the Identity Provider?

We can access the Databricks workspace API with an AD token only if we have our workspace provided by Azure, but for our AWS-provided workspaces we didn't find anything in the Databricks documentation about using the API without username & password.

3 REPLIES

Anonymous
Not applicable

@Costin Chiulan:

Yes, it is possible to use Identity Provider (IdP) tokens to authenticate and access the Databricks REST API for workspaces provided by AWS.

Databricks supports OAuth 2.0/OpenID Connect (OIDC) for identity management and authentication, which allows the use of tokens from external IdPs like AWS Cognito, Okta, Ping Identity, and others. You can configure Databricks to use your IdP as the identity provider and then obtain an access token for the authenticated user using the OAuth 2.0/OIDC flow.

Once you have obtained the access token, you can use it to authenticate and access the Databricks REST API by setting the Authorization header to Bearer <access-token> in your API requests. You can also use the Databricks CLI with the token to perform various operations on your Databricks workspace.

You can find more information on how to configure Databricks for OAuth 2.0/OIDC and how to obtain and use access tokens in the Databricks documentation.

fpopa
New Contributor II

Hey - Costin and Anonymous user, have you managed to get this working, do you have examples by any chance?

I'm also trying something similar but I haven't been able to make it work.
"authenticate and access the Databricks REST API by setting the Authorization header to Bearer <access-token> in your API requests"
Is this <access-token> the one you get when logging in against the IdP or is it a different token?

I've configured Okta OIDC against a web app I'm working on as well as against Databricks. I get an access token from Okta but when I try to interact with the Databricks API using it, it doesn't work.
The response Databricks returns is: "Invalid Token". I tried using both the REST API as well as the CLI.

context: I'm using Okta OIDC with Databricks on AWS

costi9992
New Contributor III

No, I wasn't able to do it. There is nothing explained in the documentation regarding this.
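
When an API answers "Invalid Token" to an IdP-issued bearer token, one thing worth checking is which issuer and audience the token was minted for. The following is an added example, not code from this thread or from Databricks documentation; it assumes the IdP access token is a compact JWT, the expected issuer and audience values are placeholders, and it inspects claims without verifying the signature.

```python
import base64
import json
import time


def b64url_decode(segment: str) -> bytes:
    """Decode a base64url JWT segment, restoring stripped padding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_claims(token: str) -> dict:
    """Return the JWT payload WITHOUT verifying the signature (inspection only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (opaque token?)")
    return json.loads(b64url_decode(parts[1]))


def diagnose(token: str, expected_iss: str, expected_aud: str, now=None) -> list:
    """List reasons a resource server trusting expected_iss/expected_aud
    would reject this token. An empty list means the claims look plausible."""
    claims = decode_claims(token)
    now = time.time() if now is None else now
    problems = []
    if claims.get("iss") != expected_iss:
        problems.append(f"issuer mismatch: {claims.get('iss')!r}")
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]
    if expected_aud not in audiences:
        problems.append(f"audience mismatch: {aud!r}")
    if "exp" in claims and claims["exp"] <= now:
        problems.append("token expired")
    return problems


def _make_sample(claims: dict) -> str:
    """Build an unsigned, constructed sample token for the demo below."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"


# Constructed sample: a token minted for a web app, not for the API being called.
SAMPLE = _make_sample(
    {"iss": "https://idp.example.com", "aud": "my-web-app", "exp": 2000000000}
)

if __name__ == "__main__":
    # Placeholder expectations; substitute what the target API actually trusts.
    for p in diagnose(SAMPLE, "https://idp.example.com", "https://workspace.example.com"):
        print(p)
```

Run it against a token from your own session only, and treat the output as a hint about token scope, since signature validation is deliberately skipped.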
