Enable SSO for Databricks
Enable SSO authentication for your Databricks connections in Atlan to let users securely query and preview data using their SSO credentials. This guide walks you through setting up a custom OAuth application in Databricks and configuring SSO authentication in Atlan.
Prerequisites
Before you begin, make sure you have:
- Databricks account administrator access to create OAuth applications
- Connection admin permissions in Atlan to configure SSO settings
- The Atlan instance URL
Create OAuth application
- In Databricks, from the left menu, click Settings.
- Under Settings, click App connections.
- On the App connections page, from the upper right, click Add connection.
- In the Add connection screen, enter the following details:
- Application Name: Enter a meaningful name (for example,
Atlan_SSO). - Redirect URLs: Enter your Atlan endpoint URI:
https://<your-atlan-instance>.atlan.com/api/service/oauth - Access scopes: Select one:
SQL(minimum required)ALL APIS(broader access)
- Client secret: Select Generate a client secret.
- (Optional) For Access token TTL (in minutes), you can keep the default of
60. - (Optional) For Refresh token TTL (in minutes), you can keep the default of
10080.
- Application Name: Enter a meaningful name (for example,
- Click Add to create the application.
- From the dialog that appears, copy the Client ID and Client secret and store them securely.
- Once you have copied the credentials, you can close the dialog.
Configure SSO authentication
- In Atlan, from the left menu of any screen, click Assets.
- From the Assets page, click the Connectors filter, and from the dropdown, select Databricks.
- From the pills below the search bar at the top of the screen, click Connection.
- From the list of results, select a Databricks connection to enable SSO authentication.
- From the sidebar on the right, next to Connection settings, click Edit.
- In the Connection settings dialog:
- Under Query access, for Authentication type, click SSO authentication to enforce SSO credentials for querying data.
- For SSO authentication, enter the following details:
- For Client ID, enter the client ID you copied from Databricks.
- For Client secret, enter the client secret you copied from Databricks.
- For SSO authentication, enter the following details:
- Under Display sample data, for Source preview, click SSO authentication to enforce SSO credentials for viewing sample data.
- If SSO authentication is enabled for querying data, the same connection details are reused for viewing sample data.
- If a different authentication method is enabled for querying data, enter the client ID and client secret you copied from Databricks.
- (Optional) Toggle on Enable data policies created at source to apply for querying in Atlan to apply any data policies and user permissions at source to querying data and viewing sample data in Atlan. If toggled on, any existing data policies on the connection in Atlan are deactivated and creation of new data policies is disabled.
- Under Query access, for Authentication type, click SSO authentication to enforce SSO credentials for querying data.
- At the bottom right of the Connection settings dialog, click Update.
Users can now query data and view sample data data in Atlan using their SSO credentials.
Next steps
- Crawl Databricks assets: Discover and catalog Databricks metadata in Atlan.