Databricks Community

Balram-snaplogi · ‎01-31-2025

Hi,

I am using OAuth machine-to-machine (M2M) authentication with the JDBC approach.
String url = "jdbc:databricks://<server-hostname>:443";
Properties p = new java.util.Properties();
p.put("httpPath", "<http-path>");
p.put("AuthMech", "11");
p.put("Auth_Flow", "1");
p.put("OAuth2ClientId", "<service-principal-application-id>");
p.put("OAuth2Secret", "<service-principal-oauth-secret>");
Connection conn = DriverManager.getConnection(url, p);

I created a service principal, and using it, I am able to retrieve warehouse and database table details. However, I am unable to execute Job Runs from my code, as it returns a 401 Unauthorized error. With token-based authentication, I am able to execute Job Runs successfully. I tried adding some permissions, but it did not work for me. Can you please suggest what I might be missing?

Also, I am getting the same error in the Unload operation as well. It works with token-based authentication, but with M2M authentication, I am getting a 401 error.

Thanks

szymon_dybczak · ‎02-02-2025

Hi @Balram-snaplogi ,

It looks like permission problem. Could you check if the service principal has the necessary permissions to execute jobs?
In Databricks, permissions for jobs can be managed to control access. The following permissions are available:

Is Owner: Full control over the job.
Can Manage: Ability to edit the job definition, including permissions, and pause or resume schedules.
Can Manage Run: Permission to trigger and cancel job runs.
Can View: Access to view job run results.

To ensure your service principal can execute jobs, it should have at least the "Can Manage Run" permission on the specific job. You can assign these permissions through the Databricks workspace UI: