SCIM API 2.0
Preview
This feature is in Public Preview.
Databricks supports SCIM, or System for Cross-domain Identity Management, an open standard that allows you to automate user provisioning using a REST API and JSON. The Databricks SCIM API follows version 2.0 of the SCIM protocol.
SCIM 2.0 APIs
A Databricks workspace administrator can invoke all SCIM API endpoints:
Non-admin users can invoke the Me Get endpoint, the Users Get endpoint to display names and IDs, and the Group Get endpoint to display group display names and IDs.
Call workspace SCIM APIs
For workspace SCIM APIs workspaces, for the examples, replace <databricks-instance> with the workspace URL of your Databricks deployment.
https://<databricks-instance>/api/2.0/preview/scim/v2/<api-endpoint>
Header parameters
Parameter |
Type |
Description |
|---|---|---|
Authorization (required) Or: The |
|
Set to Important! The Databricks admin user who generates this token should not be managed by your identity provider (IdP). A Databricks admin user who is managed by the IdP can be deprovisioned using the IdP, which would cause your SCIM provisioning integration to be disabled. Instead of an
|
Content-Type (required for write operations) |
|
Set to |
Accept (required for read operations) |
|
Set to |
Filter results
Use filters to return a subset of users or groups. For all users, the user userName and group displayName fields are supported. Admin users can filter users on the active attribute.
Operator |
Description |
Behavior |
|---|---|---|
eq |
equals |
Attribute and operator values must be identical. |
ne |
not equal to |
Attribute and operator values are not identical. |
co |
contains |
Operator value must be a substring of attribute value. |
sw |
starts with |
Attribute must start with and contain operator value. |
and |
logical AND |
Match when all expressions evaluate to true. |
or |
logical OR |
Match when any expression evaluates to true. |
Sort results
Sort results using the sortBy and sortOrder query parameters. The default is to sort by ID.