Authentication

Users can use either personal access tokens or passwords to authenticate and access Databricks REST APIs. Tokens are similar to passwords and it is recommended to treat them with care. These tokens have expirations and can be revoked unlike passwords.

Listed below are the example cURL commands that demonstrate REST API authentication.

  • Personal access token:
    1. Generate your token from the Token Management page.
    2. Place your token in the header as -H "Authorization: Bearer TOKEN_VALUE".
  • Username and password:
    • Recommended: place your credentials in .netrc and specify your commands with -n.
    • Not recommended: use environmental variables to set your credentials and pass them into -u.
  curl -n -H "Content-Type: application/json" \
  -X POST \
  -d '{
  "cluster_name": "flights",
  "spark_version": "2.0.x-scala2.10",
  "node_type_id": "r3.xlarge",
  "spark_conf": {
    "spark.speculation": true
  },
"aws_attributes": {
  "availability": "SPOT",
  "zone_id": "us-west-2c"
  },
"num_workers": 2
}' \
https://yourinstance.cloud.databricks.com/api/2.0/clusters/create

Token Management

Databricks Admins can enable REST API Tokens, so users can use tokens instead of username/passwords for REST API Authentication. These tokens have expiration and can be revoked. Personal access tokens are disabled by default.

Users can generate and revoke their personal access tokens from “Access Tokens” tab in “User Settings” as shown below.

List_Tokens

You can create a token with an optional comment and expiration time.

Generate_Token

You will then receive the token value, which can be used for authentication.

Token_Value

You can also revoke tokens.

Revoke_Token