cancel
Showing results for 
Search instead for 
Did you mean: 
Get Started Discussions
Start your journey with Databricks by joining discussions on getting started guides, tutorials, and introductory topics. Connect with beginners and experts alike to kickstart your Databricks experience.
cancel
Showing results for 
Search instead for 
Did you mean: 

Restrict access of user/entity to hitting only specific Databricks Rest APIs

Surajv
New Contributor III

Hi community,

Assume I generate a personal access token for an entity. Post generation, can I restrict the access of the entity to specific REST APIs? In other words, consider this example where once I use generate the token and setup a bearer token based auth and try accessing different REST APIs provided by Databricks like below 3 APIs: 

i) /api/2.1/unity-catalog/catalogs
ii) /api/2.0/preview/sql/queries

iii) /api/2.0/sql/warehouses
 
Is it possible to only access APIs defined in (i) and (ii) and not give API access permission to (iii) to the entity?
Is there a way to enforce this?
1 REPLY 1

Kaniz_Fatma
Community Manager
Community Manager

Hi @Surajv, You can control permissions using the Permissions API. Although Personal Access Tokens (PATs) do not directly support fine-grained API restrictions, you can achieve this by carefully configuring permissions for the entity associated with the token.

Join 100K+ Data Experts: Register Now & Grow with Us!

Excited to expand your horizons with us? Click here to Register and begin your journey to success!

Already a member? Login and join your local regional user group! If there isn’t one near you, fill out this form and we’ll create one for you to join!