Connect agents to external services
This feature is in Public Preview.
Connect your AI agents to external applications like Slack, Google Calendar, or any service with an API. Databricks provides several approaches depending on whether the external service has an MCP server, whether you need per-user authentication, or whether you prefer to call APIs directly from agent code. All approaches rely on a Unity Catalog HTTP connection to securely manage credentials and govern access to external services.
Approach | Recommended use case |
|---|---|
Use this approach for services that publish an MCP server. It provides automatic tool discovery and works with standard SDKs. | |
Use this approach for Google Drive or SharePoint integrations. Databricks manages the OAuth credentials, so no app registration is required. | |
Use this approach to make direct REST API calls from agent code using the external service's own client SDK. | |
Use this approach for SQL-based tool definitions that wrap the |
Requirements
- A Unity Catalog HTTP connection for your external application. Unity Catalog connections provide secure, governed credential management and enable multiple authentication methods, including OAuth 2.0 user-to-machine and machine-to-machine authentication.
External MCP servers
If the external service has an MCP server available, Databricks recommends connecting through external MCP servers. MCP servers provide automatic tool discovery, simplified integration, and per-user authentication. See Use external MCP servers for installation methods, programmatic usage, and authentication details.
Add an external MCP server to your agent
After you register the external MCP server as a Unity Catalog connection, connect your agent to it using the managed MCP URL: https://<workspace-hostname>/api/2.0/mcp/external/{connection_name}. Replace <connection-name> with the name of your Unity Catalog connection.
- OpenAI Agents SDK (Apps)
- LangGraph (Apps)
- Model Serving
from agents import Agent, Runner
from databricks.sdk import WorkspaceClient
from databricks_openai.agents import McpServer
workspace_client = WorkspaceClient()
host = workspace_client.config.host
async with McpServer(
url=f"{host}/api/2.0/mcp/external/<connection-name>",
name="external-service",
workspace_client=workspace_client,
) as external_server:
agent = Agent(
name="Connected agent",
instructions="You are a helpful assistant with access to external services.",
model="databricks-claude-sonnet-4-5",
mcp_servers=[external_server],
)
result = await Runner.run(agent, "Send a Slack message to the team about the deployment")
print(result.final_output)
Grant the app access to the Unity Catalog connection in databricks.yml:
resources:
apps:
my_agent_app:
resources:
- name: 'my_connection'
uc_securable:
securable_full_name: '<connection-name>'
securable_type: 'CONNECTION'
permission: 'USE_CONNECTION'
from databricks.sdk import WorkspaceClient
from databricks_langchain import ChatDatabricks, DatabricksMCPServer, DatabricksMultiServerMCPClient
from langgraph.prebuilt import create_react_agent
workspace_client = WorkspaceClient()
host = workspace_client.config.host
mcp_client = DatabricksMultiServerMCPClient([
DatabricksMCPServer(
name="external-service",
url=f"{host}/api/2.0/mcp/external/<connection-name>",
workspace_client=workspace_client,
),
])
async with mcp_client:
tools = await mcp_client.get_tools()
agent = create_react_agent(
ChatDatabricks(endpoint="databricks-claude-sonnet-4-5"),
tools=tools,
)
result = await agent.ainvoke(
{"messages": [{"role": "user", "content": "Send a Slack message to the team about the deployment"}]}
)
print(result["messages"][-1].content)
Grant the app access to the Unity Catalog connection in databricks.yml:
resources:
apps:
my_agent_app:
resources:
- name: 'my_connection'
uc_securable:
securable_full_name: '<connection-name>'
securable_type: 'CONNECTION'
permission: 'USE_CONNECTION'
from databricks.sdk import WorkspaceClient
from databricks_mcp import DatabricksMCPClient
import mlflow
workspace_client = WorkspaceClient()
host = workspace_client.config.host
mcp_client = DatabricksMCPClient(
server_url=f"{host}/api/2.0/mcp/external/<connection-name>",
workspace_client=workspace_client,
)
tools = mcp_client.list_tools()
mlflow.pyfunc.log_model(
"agent",
python_model=my_agent,
resources=mcp_client.get_databricks_resources(),
)
To deploy the agent, see Deploy an agent for generative AI applications (Model Serving). For details on logging agents with MCP resources, see Use Databricks managed MCP servers.
Managed OAuth
Databricks offers managed OAuth flows for select API tool providers. You don't need to register your own OAuth app or manage credentials. Databricks recommends Managed OAuth for development and testing. If production use cases require generating custom OAuth credentials, see the providers' documentation for more information.
The following integrations use Databricks-managed OAuth credentials stored securely in the backend.
Provider | Configuration notes | Supported scopes | Description |
|---|---|---|---|
Google Drive API | None |
| Read-only access to Google Drive files. |
SharePoint API | None |
| Read-only access to SharePoint sites. |
To set up managed OAuth, create an HTTP connection with the OAuth User to Machine Per User auth type and select your provider from the OAuth Provider drop-down menu. For detailed steps, see Install an external MCP server.
Each user is prompted to authorize with the provider on first use.
If needed, allowlist the following redirect URIs used by managed OAuth:
Cloud | Redirect URI |
|---|---|
AWS |
|
Azure |
|
GCP |
|
UC connections proxy endpoint
Use the Unity Catalog connections proxy endpoint with the external service's own client SDK to call REST APIs directly from agent code. Point the SDK's base URL to the proxy endpoint and use your Databricks token as the API key. Databricks authenticates the request and automatically injects the external service's credentials from the Unity Catalog connection. Your code never handles the external service's tokens directly.
Permissions required: USE CONNECTION on the connection object.
- OpenAI
- Slack
- Generic HTTP
Use DatabricksOpenAI to route calls to external OpenAI through the Unity Catalog connections proxy. First, create a Unity Catalog HTTP connection using your OpenAI API key stored as a Databricks secret:
CREATE CONNECTION openai_connection TYPE HTTP
OPTIONS (
host 'https://api.openai.com',
base_path '/v1',
bearer_token secret ('<secret-scope>', '<secret-key>')
);
Then install the databricks-openai package and use the proxy URL and workspace client in your agent code:
pip install databricks-openai
from databricks_openai import DatabricksOpenAI
from databricks.sdk import WorkspaceClient
w = WorkspaceClient()
client = DatabricksOpenAI(
workspace_client=w,
base_url=f"{w.config.host}/api/2.0/unity-catalog/connections/openai_connection/proxy/",
)
response = client.chat.completions.create(
model="gpt-4o",
messages=[{"role": "user", "content": "Hello!"}],
)
print(response.choices[0].message.content)
Configure the Slack SDK to route through the Unity Catalog connections proxy. Create a Unity Catalog HTTP connection with host https://slack.com and base path /api, then use the proxy URL as the SDK base URL:
from slack_sdk import WebClient
from databricks.sdk import WorkspaceClient
w = WorkspaceClient()
client = WebClient(
token=w.config.authenticate()["Authorization"].split(" ")[1],
base_url=f"{w.config.host}/api/2.0/unity-catalog/connections/slack_connection/proxy/",
)
result = client.chat_postMessage(channel="C123456", text="Hello from Databricks!")
print(result["message"]["text"])
For services without a dedicated SDK, use the requests library with the proxy URL directly:
import requests
from databricks.sdk import WorkspaceClient
w = WorkspaceClient()
response = requests.post(
f"{w.config.host}/api/2.0/unity-catalog/connections/my_connection/proxy/api/v1/resource",
headers={
**w.config.authenticate(),
"Content-Type": "application/json",
},
json={"key": "value"},
)
UC function tools with HTTP connections
Databricks recommends using MCP servers or the UC connections proxy for new integrations. UC function tools with http_request remain supported but are no longer the recommended approach.
You can create a Unity Catalog function that wraps http_request() to call external services. This approach is useful for SQL-based tool definitions. See Create AI agent tools using Unity Catalog functions for details on creating UC function tools.
The following example creates a Unity Catalog function tool that posts a message to Slack:
CREATE OR REPLACE FUNCTION main.default.slack_post_message(
text STRING COMMENT 'message content'
)
RETURNS STRING
COMMENT 'Sends a Slack message by passing in the message and returns the response received from the external service.'
RETURN (http_request(
conn => 'test_sql_slack',
method => 'POST',
path => '/api/chat.postMessage',
json => to_json(named_struct(
'channel', "C032G2DAH3",
'text', text
))
)).text
See CREATE FUNCTION (SQL and Python).
SQL access with http_request is blocked for the User-to-Machine Per User connection type. Use the Python Databricks SDK instead.
Example notebooks
Connect an agent to Slack
See Connect an AI agent to Slack.
External connection tools
The following notebooks demonstrate creating AI agent tools that connect to Slack, OpenAI, and Azure AI search.
Slack messaging agent tool
Microsoft Graph API agent tool
Azure AI Search agent tool
Limitations
- External MCP connections don't support private connectivity to resources in your VPC using Private Service Connect. If your AI agents need to connect to resources in your VPC, reach out to your support team.