To authenticate and access Databricks REST APIs, you use personal access tokens. Tokens are similar to passwords; you should treat them with care. Tokens expire and can be revoked.
Token-based authentication is enabled by default for all Azure Databricks accounts launched after January 2018. If it is disabled, your administrator must enable it before you can perform the tasks described in this topic. See Enable Token-based Authentication.
This section describes how to generate a personal access token in the Azure Databricks UI. You can also generate and revoke tokens using the Token API.
Click the user profile icon in the upper right corner of your Azure Databricks workspace.
Click User Settings.
Go to the Access Tokens tab.
Click the Generate New Token button.
Optionally enter a description (comment) and expiration period.
Click the Generate button.
Copy the generated token and store in a secure location.
This section describes how to revoke personal access tokens using the Azure Databricks UI. You can also generate and revoke access tokens using the Token API.
- Click the user profile icon in the upper right corner of your Azure Databricks workspace.
- Click User Settings.
- Go to the Access Tokens tab.
- Click x for the token you want to revoke.
- On the Revoke Token dialog, click the Revoke Token button.
Create a .netrc file with
machine <databricks-instance> login token password <personal-access-token-value>
<databricks-instance> with the <region>.azuredatabricks.net domain name of your Azure Databricks deployment.
<personal-access-token-value> with the value of your personal access token.
To invoke the
.netrc file, use
-n in your
curl -n -X GET https://<databricks-instance>/api/2.0/token/list
You can include the token in the header using
Bearer authentication. You can use this approach with
curl or any client that you build.
curl 'https://<databricks-instance>/api/2.0/token/list' -X GET -H "Authorization: Bearer <personal-access-token-value>"