cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
Help
Generative AI
Explore discussions on generative artificial intelligence techniques and applications within the Databricks Community. Share ideas, challenges, and breakthroughs in this cutting-edge field.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

Best Approach for Per-User Authentication with Databricks in an Agent-Based System

Vamsi3757
Visitor

3 hours ago

Hello everyone,

I have built an ADK-based agent that connects to Databricks and can retrieve various information. However, Iā€™m trying to design a secure way to authenticate each user individually when they interact with the agent.

So far, I see two possible approaches:

  1. Using Personal Access Tokens (PATs)

    • I would prefer to avoid this approach because it requires passing PAT tokens, and I donā€™t want to expose or manage user tokens within the agent.

  2. Using OAuth with a Service Principal

    • In this case, we need to use a client_id and client_secret.
    • However, this also involves passing sensitive credentials to the agent, which I would like to avoid for security reasons.

Given these constraints, Iā€™m looking for guidance on:

Is there a recommended approach to securely authenticate each user individually in an agent-based architecture without exposing PATs or client secrets?

For example:

  • Are there patterns involving SSO, external identity providers, or backend-mediated authentication?
  • Has anyone implemented a per-user authentication model in a similar setup?

Iā€™d really appreciate any suggestions or best practices from the community.

Thanks in advance!

0 Kudos
0 REPLIES 0
Announcements