Adding a Databricks Application
In order to integrate with Databricks, first create an application entry in Data Access Security. This entry includes the identification, connection details, and other parameters necessary to create the link.
To add an application, use the New Application Wizard.
- Go to Admin > Applications.
- Select Add New to open the wizard.
- Select Standard Application.
- Select Next to open the General Details page.
General Details
- Review and edit the application's general details:
  - Application Type - Databricks
  - Application Name - Logical name of the application
  - Description - Description of the application
  - Tags - Select tags for the application from the dropdown list or type a new name. Select Enter to create a tag.
- Identity Collector - (Mandatory) Select an Identity Collector of type Databricks.
  You can create identity collectors on the Admin > Identity Collectors page or directly from the Source Configuration page.
  Ensure you run the Identity Collector Aggregation task before running the Permission Collection Task.
- Select Next to open the Connection Details page.
Connection Details
- Complete the Connection Details:
  - Cloud Type - Azure or AWS
  - Authentication Type - Databricks M2M, or Microsoft Entra Authentication when Azure is the Cloud Type
  - Grant Type - Client credentials
  - Tenant ID - Required only when Authentication Type is Microsoft Entra Authentication (Azure). Leave blank for Databricks M2M.
  - Client ID - Service principal application (client) ID
  - Client Secret - Service principal OAuth client secret
  - Account ID - Databricks account ID (GUID). Find it in the account console URL or account settings.
  - Metastore ID - Databricks metastore ID for the data you are governing
  - Workspace ID - Numeric workspace ID used for Databricks operations in this metastore
Note
The configuration wizard does not ask for a workspace URL, SQL warehouse ID, or personal access token. The platform resolves workspace connectivity from account, metastore, and workspace IDs.
- Select Next.
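The following preflight check is an added example, not SailPoint code: it applies the field rules listed under Connection Details to a set of values before they are entered in the wizard. The dictionary layout, the function names and the sample values are assumptions made for this example.

```python
import re
import uuid

# Field names mirror the wizard labels; the dict layout is an assumption of this example.
ALLOWED_AUTH = {"AWS": {"Databricks M2M"},
                "Azure": {"Databricks M2M", "Microsoft Entra Authentication"}}
# Inputs the wizard does not ask for; flag them so they are not kept with the entry.
NOT_REQUESTED = {"Workspace URL", "SQL Warehouse ID", "Personal Access Token"}
# Constructed sample values, not real identifiers.
SAMPLE_OK = {
    "Cloud Type": "AWS", "Authentication Type": "Databricks M2M",
    "Grant Type": "Client credentials", "Tenant ID": "",
    "Client ID": "11111111-2222-3333-4444-555555555555",
    "Client Secret": "example-secret",
    "Account ID": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
    "Metastore ID": "example-metastore-id", "Workspace ID": "1234567890123456",
}


def is_guid(value):
    try:  # accept only the canonical hyphenated form
        return str(uuid.UUID(value)) == value.lower()
    except (ValueError, AttributeError, TypeError):
        return False


def check_connection_details(d):
    """Return a list of problems; an empty list means the values are consistent."""
    problems = []

    def need(ok, message):
        if not ok:
            problems.append(message)  # messages name fields, never the secret value

    cloud, auth = d.get("Cloud Type"), d.get("Authentication Type")
    tenant = (d.get("Tenant ID") or "").strip()
    need(cloud in ALLOWED_AUTH, "Cloud Type must be Azure or AWS")
    need(cloud not in ALLOWED_AUTH or auth in ALLOWED_AUTH[cloud],
         f"Authentication Type {auth!r} is not valid for {cloud}")
    need(d.get("Grant Type") == "Client credentials", "Grant Type must be Client credentials")
    need(auth != "Microsoft Entra Authentication" or tenant, "Tenant ID is required for Entra")
    need(auth != "Databricks M2M" or not tenant, "Tenant ID must be blank for Databricks M2M")
    for field in ("Client ID", "Client Secret", "Metastore ID"):
        need((d.get(field) or "").strip(), f"{field} is empty")
    need(is_guid(d.get("Account ID")), "Account ID is not a GUID")
    need(re.fullmatch(r"[0-9]+", str(d.get("Workspace ID") or "")), "Workspace ID is not numeric")
    for field in sorted(NOT_REQUESTED.intersection(d)):
        need(False, f"{field} is not a wizard field; remove it")
    return problems
```

An empty list from `check_connection_details(SAMPLE_OK)` means the values are mutually consistent; it does not confirm that the service principal exists or is assigned to the workspace.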
Service Principal Workspace Assignment
Important
For Databricks M2M, the service principal must be assigned to the workspace as USER. If it is not assigned, test connection and scheduled tasks may fail with OAuth or authorization errors.
Assign the service principal using the Databricks account/workspace administration documentation.