cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Help
Data Engineering
Join discussions on data engineering best practices, architectures, and optimization strategies within the Databricks Community. Exchange insights and solutions with fellow data engineers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 

Workflow job failing with source as Git Provider (remote github repo) with SP

Go to solution
srinum89
New Contributor III

โ€Ž04-03-2025 08:33 AM

Facing issue using Github App when running job with source as "Git provider" using Service Principle. Since we can't use PAT with SP on github, I am using Github app for authentication. 

Followed below documentation but still giving permission issue. 

https://learn.microsoft.com/en-us/azure/databricks/repos/get-access-tokens-from-git-provider

Why use the Databricks GitHub App instead of a PAT? from above link.

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
BigRoux
Databricks Employee
Databricks Employee

โ€Ž04-03-2025 09:56 AM

When running a Databricks workflow with a Git provider source using a Service Principal, youโ€™re encountering permission issues despite using the GitHub App for authentication. This is a common challenge because Service Principals cannot use Personal Access Tokens (PATs) with GitHub.

The core problem is that while the Databricks GitHub App provides several advantages over PATs (OAuth 2.0 authentication, automatic token renewal, and more granular access control), thereโ€™s a specific configuration needed for Service Principals to access Git repositories.
Service Principals cannot create tokens like PATs or SSH Keys in GitHub, which creates an authentication challenge when they need to access Git repositories for workflows.

 

Solutions
1. Configure Git Credentials for the Service Principal
You need to explicitly set up Git credentials for your Service Principal using the Git Credential API:
 - Use the Databricks REST API to add Git credentials for your Service Principal
 - Specify the correct parameters:
     For GitHub, use the appropriate git_provider value
     Include the personal_access_token (this would be a token created by a user with appropriate access)
     Set git_username to the Service Principalโ€™s display name

View solution in original post

0 Kudos
1 REPLY 1

Go to solution
BigRoux
Databricks Employee
Databricks Employee

โ€Ž04-03-2025 09:56 AM

When running a Databricks workflow with a Git provider source using a Service Principal, youโ€™re encountering permission issues despite using the GitHub App for authentication. This is a common challenge because Service Principals cannot use Personal Access Tokens (PATs) with GitHub.

The core problem is that while the Databricks GitHub App provides several advantages over PATs (OAuth 2.0 authentication, automatic token renewal, and more granular access control), thereโ€™s a specific configuration needed for Service Principals to access Git repositories.
Service Principals cannot create tokens like PATs or SSH Keys in GitHub, which creates an authentication challenge when they need to access Git repositories for workflows.

 

Solutions
1. Configure Git Credentials for the Service Principal
You need to explicitly set up Git credentials for your Service Principal using the Git Credential API:
 - Use the Databricks REST API to add Git credentials for your Service Principal
 - Specify the correct parameters:
     For GitHub, use the appropriate git_provider value
     Include the personal_access_token (this would be a token created by a user with appropriate access)
     Set git_username to the Service Principalโ€™s display name
0 Kudos

Join Us as a Local Community Builder!

Passionate about hosting events and connecting people? Help us grow a vibrant local communityโ€”sign up today to get started!

Sign Up Now
Announcements