This feature is in Public Preview.
Databricks supports SCIM, or System for Cross-domain Identity Management, an open standard that allows you to automate user provisioning using a REST API and JSON. The Databricks SCIM API follows version 2.0 of the SCIM protocol.
A Databricks workspace administrator can invoke all SCIM API endpoints:
For workspace SCIM APIs workspaces, for the examples, replace
<databricks-instance> with the workspace URL of your Databricks deployment.
Important! The Databricks admin user who generates this token should not be managed by your identity provider (IdP). A Databricks admin user who is managed by the IdP can be deprovisioned using the IdP, which would cause your SCIM provisioning integration to be disabled.
Instead of an
|Content-Type (required for write operations)||
|Accept (required for read operations)||
Use filters to return a subset of users or groups. For all users, the user
userName and group
displayName fields are supported. Admin users can filter users on the
|eq||equals||Attribute and operator values must be identical.|
|ne||not equal to||Attribute and operator values are not identical.|
|co||contains||Operator value must be a substring of attribute value.|
|sw||starts with||Attribute must start with and contain operator value.|
|and||logical AND||Match when all expressions evaluate to true.|
|or||logical OR||Match when any expression evaluates to true.|
Sort results using the
sortOrder query parameters. The default is to sort by ID.