Databricks Community

Asaph · ‎01-22-2025

Hi everyone,

I’ve been trying to work with the databricks.sdk Python library to manage service principals programmatically. However, I’m running into an issue when attempting to create a service principal using the AccountClient class. Below is the code snippet I’m using:

from databricks.sdk import WorkspaceClient, AccountClient
import time

account_client = AccountClient()

sp_create = account_client.service_principals.create(active=True, display_name=f'sdk-{time.time_ns()}')

sp = account_client.service_principals.get(id=sp_create.id)

# cleanup
account_client.service_principals.delete(id=sp_create.id)

The Problem

When I execute the above code, I encounter the following error:

NotFound                                  Traceback (most recent call last)
Cell In[12], line 1
----> 1 sp_create = account_client.service_principals.create(active=True, display_name=f'sdk-{time.time_ns()}')

File ~/.pyenv/versions/3.8.13/lib/python3.8/site-packages/databricks/sdk/service/iam.py:2257, in AccountServicePrincipalsAPI.create(self, active, application_id, display_name, entitlements, external_id, groups, id, roles, schemas)
...
NotFound: Endpoint not found for /2.0/accounts/ACCOUNT_ID/scim/v2/ServicePrincipals

Observations

The error indicates a NotFound issue, specifically stating that the endpoint /2.0/accounts/{account_id}/scim/v2/ServicePrincipals could not be found.
I suspect the AccountClient might not be properly configured or the SDK might not support this operation for my Databricks environment.

Environment Details

Python version: 3.8.13
Databricks SDK version: databricks.sdk (latest version from PyPI)
Databricks environment: AWS Databricks

Questions

Has anyone successfully used the AccountClient class to manage service principals?
Is there any additional configuration or permissions required to use this API?
Could this be a versioning issue with the SDK or API endpoint?

Any insights or guidance would be greatly appreciated. Thanks in advance!

Csoni · ‎01-23-2025

I am facing the same issue

andres_garcia · ‎01-23-2025

Hi @Asaph, this could be an authentication or missing configuration issue. Please ensure that the AccountClient class instance is created with the required authentication details. Additionally, since this is an account-level operation, check you have account admin privileges to run it successfully.

Example code:

from databricks.sdk import WorkspaceClient, AccountClient
import time

account_client = AccountClient(
    host='', # databricks account console host
    account_id='', # databricks account id
    # authentication options 
    # client_id/client_secret best practice
    client_id='',
    client_secret=''
)

sp_create = account_client.service_principals.create(active=True, display_name=f'sdk-{time.time_ns()}')

sp = account_client.service_principals.get(id=sp_create.id)

# cleanup
account_client.service_principals.delete(id=sp_create.id)

Mark as resolved if this solves your issue.

nick533 · ‎01-23-2025

This can be a problem with missing configuration or authentication. Please make sure that the necessary authentication information is included when creating the AccountClient class instance. Additionally, make sure you have account admin capabilities to do this operation correctly, as it is account-level.

nick533 · ‎01-26-2025

This can be an issue with authentication or configuration being missing. When constructing the AccountClient class instance, please ensure that the required authentication details are present. Additionally, since this action is account-level, make sure you have account admin skills to complete it successfully.