cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Help
Get Started Discussions
Start your journey with Databricks by joining discussions on getting started guides, tutorials, and introductory topics. Connect with beginners and experts alike to kickstart your Databricks experience.
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Restrict access of user/entity to hitting only specific Databricks Rest APIs

Surajv
New Contributor III

‎03-19-2024 03:22 AM - edited ‎03-19-2024 03:23 AM

Hi community,

Assume I generate a personal access token for an entity. Post generation, can I restrict the access of the entity to specific REST APIs? In other words, consider this example where once I use generate the token and setup a bearer token based auth and try accessing different REST APIs provided by Databricks like below 3 APIs: 

i) /api/2.1/unity-catalog/catalogs
ii) /api/2.0/preview/sql/queries

iii) /api/2.0/sql/warehouses
 
Is it possible to only access APIs defined in (i) and (ii) and not give API access permission to (iii) to the entity?
Is there a way to enforce this?
0 Kudos
2 REPLIES 2

drag7ter2
New Contributor II

‎10-14-2024 08:35 AM

Did you get an answer how to restrict and if it is possible an access to api?

0 Kudos

Panda
Valued Contributor

‎10-15-2024 05:31 AM

@Surajv 

You have to rely on access control settings on resources and entities (users or service principals or create some cluster policies), rather than directly restricting the API endpoints at the token level.

Note: API access based on fine-grained control of the token itself may be currently not supported OOB by Databricks.

0 Kudos

Join Us as a Local Community Builder!

Passionate about hosting events and connecting people? Help us grow a vibrant local community—sign up today to get started!

Sign Up Now
Announcements
Top