NOTE
In the example, whenever the user creates a new entity, a new PAT is created. To create, list, or delete the PAT, the service principal needs the following two tokens: an Azure Active Directory (AD) token and an Azure Active Directory management endpoint token.
Requirement - The service principal requires the Contributor or Owner role on the Databricks workspace in Azure.
Step 1 - Get Azure AD token for the service principal
NOTE - You can get tenant_id, client_id, and client_secret from your service principal as below.
POST https://login.microsoftonline.com//oauth2/v2.0/token
Step 2 - Get Azure AD management endpoint token
POST https://login.microsoftonline.com//oauth2/token
Now you have two Azure AD tokens (one for the Databricks service principal from step 1 and another for the AD management endpoint from step 2).
Step 3 - Create Personal Access Token based on two AD tokens from previous steps
POST /api/2.0/token/create \
-H 'Authorization: Bearer ' \
-H 'X-Databricks-Azure-SP-Management-Token: ' \
-H 'X-Databricks-Azure-Workspace-Resource-Id: /subscriptions//resourceGroups//providers/Microsoft.Databricks/workspaces/'
You can now retrieve token_value and token_id from the API call above. These values are used to create an external location, catalog and schema, and to delete a PAT that has already been used.
Optionally, you can include a request body, as described below.
https://learn.microsoft.com/en-us/azure/databricks/dev-tools/api/latest/tokens
You can run any Databricks REST API call. The link below lists the REST API endpoints available with Azure Databricks.
https://learn.microsoft.com/en-us/azure/databricks/dev-tools/api/latest/
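The three steps above as one Python sketch, added here as an example and not code from the original post: it builds both Azure AD token requests, creates a short-lived PAT, and revokes it by token_id once the work is done. The scope and resource values are the ones Microsoft documents for Azure Databricks and the Azure management endpoint; the function names, the 900-second lifetime and the comment string are assumptions for illustration.

```python
import json
import urllib.parse
import urllib.request

LOGIN = "https://login.microsoftonline.com"
DATABRICKS_APP_ID = "2ff814a6-3304-4ab8-85cb-cd0e6f879c1d"  # Azure Databricks resource ID
MGMT_RESOURCE = "https://management.core.windows.net/"

def aad_token_request(tenant_id, client_id, client_secret, management=False):
    """Step 1 (v2.0 endpoint + scope) or step 2 (v1 endpoint + resource)."""
    form = {"grant_type": "client_credentials",
            "client_id": client_id, "client_secret": client_secret}
    if management:
        url = f"{LOGIN}/{tenant_id}/oauth2/token"
        form["resource"] = MGMT_RESOURCE
    else:
        url = f"{LOGIN}/{tenant_id}/oauth2/v2.0/token"
        form["scope"] = f"{DATABRICKS_APP_ID}/.default"
    return urllib.request.Request(
        url, data=urllib.parse.urlencode(form).encode(), method="POST")

def pat_request(workspace_url, resource_id, aad_token, mgmt_token, action, **body):
    """Step 3: POST /api/2.0/token/<action> carrying both AD tokens as headers."""
    headers = {
        "Authorization": f"Bearer {aad_token}",
        "X-Databricks-Azure-SP-Management-Token": mgmt_token,
        "X-Databricks-Azure-Workspace-Resource-Id": resource_id,
        "Content-Type": "application/json",
    }
    return urllib.request.Request(
        f"{workspace_url.rstrip('/')}/api/2.0/token/{action}",
        data=json.dumps(body).encode(), headers=headers, method="POST")

def send(req):
    """Send a request and decode the JSON reply; HTTP errors raise."""
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def with_short_lived_pat(tenant_id, client_id, client_secret,
                         workspace_url, resource_id, work, lifetime_seconds=900):
    """Create a PAT, pass token_value to work(), then always revoke by token_id."""
    aad = send(aad_token_request(tenant_id, client_id, client_secret))["access_token"]
    mgmt = send(aad_token_request(tenant_id, client_id, client_secret, True))["access_token"]
    made = send(pat_request(workspace_url, resource_id, aad, mgmt, "create",
                            lifetime_seconds=lifetime_seconds, comment="automation"))
    try:
        return work(made["token_value"])
    finally:
        send(pat_request(workspace_url, resource_id, aad, mgmt, "delete",
                         token_id=made["token_info"]["token_id"]))
```

Read client_secret from a secret store or environment variable rather than source code, and keep token_value out of logs.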