Enable workload identity federation in CI/CD

Important

Databricks OAuth token federation is in Public Preview.

Databricks OAuth token federation, also known as OpenID Connect (OIDC), allows your automated workloads running outside of Databricks to securely access Databricks APIs without the need for Databricks secrets. See Authenticate access to Azure Databricks using OAuth token federation. With workload identity federation, your workload authenticates to Databricks as a service principal in your Databricks account using workload identity tokens issued by the automation environment.
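As an added illustration (not code from the Databricks documentation or SDKs), the sketch below inspects the claims of a workload identity token, as you would before deciding which issuer, audience and subject to trust for a service principal. The `EXPECTED` fields, the issuer URL and both tokens are constructed for this example, and the signature is deliberately not verified here.

```python
import base64
import json

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def decode_claims(token: str) -> dict:
    """Return the JWT payload WITHOUT verifying the signature (inspection only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(padded))

def claim_mismatches(claims: dict, expected: dict, now: float) -> list:
    """Name each claim that does not match the expected issuer/audience/subject."""
    problems = []
    if claims.get("iss") != expected["issuer"]:
        problems.append("iss")
    aud = claims.get("aud") or []
    aud = [aud] if isinstance(aud, str) else aud  # 'aud' may be a string or a list
    if not set(aud) & set(expected["audiences"]):
        problems.append("aud")
    if claims.get("sub") != expected["subject"]:  # exact match, no prefix or wildcard
        problems.append("sub")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        problems.append("exp")
    return problems

def make_sample_token(claims: dict) -> str:
    """Build a constructed, unsigned sample token for the demonstration."""
    header = _b64url(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
    return f"{header}.{_b64url(json.dumps(claims).encode())}.constructed-signature"

# Constructed values: hypothetical issuer, audience and subject, fixed clock.
NOW = 1_700_000_000
EXPECTED = {"issuer": "https://ci.example.test",
            "audiences": ["databricks-account-placeholder"],
            "subject": "repo:example-org/deploy:ref:refs/heads/main"}
GOOD = make_sample_token({"iss": EXPECTED["issuer"], "exp": NOW + 300,
                          "aud": "databricks-account-placeholder",
                          "sub": EXPECTED["subject"]})
OTHER = make_sample_token({"iss": EXPECTED["issuer"], "exp": NOW - 1,
                           "aud": ["something-else"],
                           "sub": "repo:example-org/deploy:ref:refs/heads/feature-x"})

if __name__ == "__main__":
    for name, tok in (("GOOD", GOOD), ("OTHER", OTHER)):
        print(name, claim_mismatches(decode_claims(tok), EXPECTED, NOW))
```

Pinning the subject to one repository and branch is what keeps a token issued to a different pipeline on the same CI system from being accepted for this service principal.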

Important

Databricks strongly recommends using workload identity federation to authenticate to Databricks from automated workloads whenever possible, as it eliminates the need for managing and rotating Databricks secrets, which makes it more secure than other authentication mechanisms.

This section provides steps and examples for configuring the following common CI/CD tools (identity providers) to enable the Databricks SDKs and the Databricks CLI to use workload identity federation to authenticate to Databricks.