cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Get Started Discussions
Start your journey with Databricks by joining discussions on getting started guides, tutorials, and introductory topics. Connect with beginners and experts alike to kickstart your Databricks experience.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

External MCP representing user data permissions

Go to solution
maikel
New Contributor II

2 weeks ago

Hello Community!

I am writing to you with a question and hope that you will help me to find the right approach.

I am building AI Enterprise System and the organization store the data on Data Bricks. To access the given data, you have to raise a request, so as a user you cannot see all data bricks data but only requested subsets. Logging in is done via corporate email.

The high level plan is that AI agents should be able to use data bricks data via MCP server but agent should operate only on the data for which given user has access to.

We would like to have this mcp running on our side and returning user’s data as requested.

  • Do you see any data bricks possibilities to achieve such a MCP scenario?  
    I will be very thankful for your help!

Best,

Michal

 

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
smithsonian
New Contributor II

a week ago

Ignore for now you have MCP Server.

The problem you are trying to solve

1) An AI Agent needs to access data inside Databricks 
2) The agent need to operate at the user's permissions

There are muliple paths

1) Directly using OAuth/HTTP

https://docs.databricks.com/aws/en/dev-tools/auth/#gsc.tab=0

In this case you will have to acquire an OBO token that implements data access with exactly the same access the user has. This is well documented using REST APIs and OAuth

2) Use a built in MCP Server from Databricks (this may get you access to the Databricks data but it may not implement OBO you have to check)

So your first problem is to get an OBO token from Databricks. Once you get this OBO token you have to manage it in your agentic application. It does not matter where your server that acquires the token lives or whether it is MCP Server or not. 

Hope this helps 

View solution in original post

5 REPLIES 5

Go to solution
smithsonian
New Contributor II

2 weeks ago

Hi Michal 

Your MCP Server needs to implement OBO - On-behalf-of User Authentication  OBO allows the Agent to run with the permissions of the end user making the request and users the end user's credentials with restricted scopes. 

Depending on your application you also want to present the "the list of allowed access" that a user has to the MCP Host and have the Host UI choose what subsets of data the Agent can act upon. OBO means the Agent can never exceed the user's original assigned permissions. 

Hope this helps. 

https://docs.databricks.com/aws/en/generative-ai/agent-framework/agent-authentication#gsc.tab=0




MCP does not yet have a native OBO delegation so this is something you have to build into your MCP Server. 


0 Kudos

Go to solution
maikel
New Contributor II

2 weeks ago

Hi @smithsonian !
Thank you for the response! Another question is, can I have MCP server outside data bricks and connect to the data inside DBX? 

https://docs.databricks.com/aws/en/generative-ai/mcp/connect-external-services?language=Set+up+PAT#m...

I see those options but none of them has a possibility to host MPC outside DBC (e.g. on AWS) and access user's data.

0 Kudos

Go to solution
smithsonian
New Contributor II
In response to maikel

a week ago

You can connect Databricks to external Model Context Protocol (MCP) servers to give your agents access to a wider range of tools that are hosted outside of Databricks.

Databricks has this feature in Beta. You can check this doc link below.

https://docs.databricks.com/aws/en/generative-ai/mcp/external-mcp#gsc.tab=0

0 Kudos

Go to solution
maikel
New Contributor II

a week ago

Hi!
I would like to have it other way round. External MCP server is able to fetch data stored in Data Bricks.
Any ideas?

0 Kudos

Go to solution
smithsonian
New Contributor II

a week ago

Ignore for now you have MCP Server.

The problem you are trying to solve

1) An AI Agent needs to access data inside Databricks 
2) The agent need to operate at the user's permissions

There are muliple paths

1) Directly using OAuth/HTTP

https://docs.databricks.com/aws/en/dev-tools/auth/#gsc.tab=0

In this case you will have to acquire an OBO token that implements data access with exactly the same access the user has. This is well documented using REST APIs and OAuth

2) Use a built in MCP Server from Databricks (this may get you access to the Databricks data but it may not implement OBO you have to check)

So your first problem is to get an OBO token from Databricks. Once you get this OBO token you have to manage it in your agentic application. It does not matter where your server that acquires the token lives or whether it is MCP Server or not. 

Hope this helps 

Join Us as a Local Community Builder!

Passionate about hosting events and connecting people? Help us grow a vibrant local community—sign up today to get started!

Sign Up Now
Announcements