This answer is for authenticating with a service principal, not a managed identity ("secret-less"). 

I'm also running into the same error and attempted several permutations of the configuration, including attempting to use a databricks_service_principal_password as a secret. All result in different errors.

data "azurerm_databricks_workspace" "this" {
  name                = var.databricks_workspace_name
  resource_group_name = var.resource_group_name
}

provider "databricks" {
  alias = "spn"

  host                        = data.azurerm_databricks_workspace.this.workspace_url
  azure_workspace_resource_id = data.azurerm_databricks_workspace.this.id
  azure_client_id             = data.azuread_service_principal.access_connector.client_id
  azure_use_msi               = true
}

resource "databricks_token" "access_connector" {
  provider = databricks.spn

  comment = "${data.azuread_service_principal.access_connector.display_name} PAT"
}