- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-23-2025 02:05 AM
Hi,
As per our company policy, individual users should not be given elevated privileges. Permissions should be assigned to user groups, so that group membership can be managed at the AD level.
In that context, is there a way to assign the 'Databricks Account Admin' role to a user group instead of individual users using OAuth or service principals?
Thanks in advance for any guidance!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-23-2025 02:14 AM - edited 09-23-2025 02:16 AM
Hi @shweta_m ,
Yes, I think it's possible using REST API. You can use following endpoint which allows you to define a role membership for given group:
Create a new group. | Account Groups API | REST API reference | Databricks on AWS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-23-2025 10:58 PM
Hi @szymon_dybczak
I tried this and it worked.
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-23-2025 11:54 PM
No problem @shweta_m , great that it worked for you 🙂
