08-07-2022 11:26 PM
Hello Community,
We are able to connect to databricks(using Personal access token) from Power BI Desktop and we able to set up scheduling databricks notebook using DataFactory for every 10 minutes(as per our requirement).
We want to avoid using the personal access token. What are all the alternatives and how service principal helps here?
Objective: We want avoid individual user credentials in the system.
I request the community the help us here.
Thanks
Venkat
08-08-2022 02:50 AM
You can use the token generated for the service principal and use it. As a security best practice, when authenticating with automated tools, systems, scripts, and apps, Databricks recommends you use access tokens belonging to service principals instead of workspace users. For more information, see Service principals for Azure Databricks automation.
https://docs.microsoft.com/en-us/azure/databricks//dev-tools/service-principals
08-08-2022 06:41 PM
Thanks Prabakar for your reply...
11-18-2022 10:39 AM
Hi Prabakar,
What is the best practice here -
1. To develop the reports by connecting to Databricks using individual PATs.
2. Then, after deploying the report to PowerBI service, change the data source credentials to point to the PAT of the Service Principal so data import is done based on defined schedule.
3. PowerBI report users then need not be having Databricks accounts as the underlying service principal is fetching data for them.
Is my understanding correct?
02-08-2023 05:36 AM
Hey Prabakar,
Can you please share the best practice using service principals to authenticate using PowerBi, since Azure AD tokens have a lifetime of 1 hour. Do we need to constantly update data source credentials ?
Many thanks!
Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you won’t want to miss the chance to attend and share knowledge.
If there isn’t a group near you, start one and help create a community that brings people together.
Request a New Group