cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Get Started Discussions
Start your journey with Databricks by joining discussions on getting started guides, tutorials, and introductory topics. Connect with beginners and experts alike to kickstart your Databricks experience.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

cannot see "User Provisioning " in settings in Databricks Account management console

Go to solution
dpavanbo
New Contributor

‎02-04-2026 02:05 PM

Hi Team , 

I came across below issues , need help to resolve  the issue's .

Issue 1 :-   cannot see "User Provisioning " in settings in Databricks Account management console.

Issue 2: - Account Admin -Toggle - Failed to provision user. Please ensure the user is active in the tenant.

Issue 3:- Delete the user is also disabled 

Need help to fix the  issue , Thanks in advance 

Preview file
742 KB
0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
sarahbhord
Databricks Employee
Databricks Employee

‎02-12-2026 07:37 AM

 

Hey dpavanbo

1. In the account console, go to Security > User provisioning. If you see “Automatic identity management,” that’s expected on Azure; it replaces traditional SCIM UI and handles JIT on first sign‑in.

2. Automatic identity management: Ensure the user is active in Entra and have them sign in once to trigger JIT. For Entra SCIM app: Assign the user (or group) to the Databricks SCIM app, turn Provisioning On, restart sync, verify the SCIM token, and ensure userName maps to userPrincipalName (avoid UPN vs mail mismatch).

 
3. Remove/deactivate the user in Entra ID or unassign them from the Databricks/SCIM app; Databricks reflects the change on sync. Local delete is limited when IdP‑managed.
 
Hope this helps,
 
Sarah
  •  

 

View solution in original post

1 REPLY 1

Go to solution
sarahbhord
Databricks Employee
Databricks Employee

‎02-12-2026 07:37 AM

 

Hey dpavanbo

1. In the account console, go to Security > User provisioning. If you see “Automatic identity management,” that’s expected on Azure; it replaces traditional SCIM UI and handles JIT on first sign‑in.

2. Automatic identity management: Ensure the user is active in Entra and have them sign in once to trigger JIT. For Entra SCIM app: Assign the user (or group) to the Databricks SCIM app, turn Provisioning On, restart sync, verify the SCIM token, and ensure userName maps to userPrincipalName (avoid UPN vs mail mismatch).

 
3. Remove/deactivate the user in Entra ID or unassign them from the Databricks/SCIM app; Databricks reflects the change on sync. Local delete is limited when IdP‑managed.
 
Hope this helps,
 
Sarah
  •  

 

Announcements