Adding a Connection to Databricks

To add a connection to Databricks:

1. In the application console, navigate to the Connections page.
2. At the Add Connections panel, select the icon for the connection you want to add.
3. If the Databricks icon is not available, click the Add More icon to download and install the Databricks connector from the CData site.

For required properties, see the Settings tab.

For connection properties that are not typically required, see the Advanced tab.

Connecting to Databricks

To connect to a Databricks cluster, set the following properties:

• Database: The name of the Databricks database.
• Server: The Server Hostname of your Databricks cluster.
• HTTPPath: The HTTP Path of your Databricks cluster.
• Token: Your personal access token. You can obtain this value by navigating to the User Settings page of your Databricks instance and selecting the Access Tokens tab.

You can find the required values in your Databricks instance by navigating to Clusters and selecting the desired cluster, and selecting the JDBC/ODBC tab under Advanced Options.

Configuring Cloud Storage

The Sync App supports DBFS, Azure Blob Storage, and AWS S3 for uploading CSV files.

DBFS Cloud Storage

To use DBFS for cloud storage, set the CloudStorageType property to DBFS.

Azure Blob Storage

Set the following properties:

• CloudStorageType: Azure Blob storage.
• StoreTableInCloud: True to store tables in cloud storage when creating a new table.
• AzureStorageAccount: The name of your Azure storage account.
• AzureAccessKey: The storage key associated with your Databricks account. Find this via the azure portal (using the root account). Select your storage account and click Access Keys to find this value.
• AzureBlobContainer: Set to the name of you Azure Blob storage container.

AWS S3 Storage

Set the following properties:

• CloudStorageType: AWS S3.
• StoreTableInCloud: True to store tables in cloud storage when creating a new table.
• AWSAccessKey: The AWS account access key. You can acquire this value from your AWS security credentials page.
• AWSSecretKey: Your AWS account secret key. You can acquire this value from your AWS security credentials page.
• AWSS3Bucket: The name of your AWS S3 bucket.
• AWSRegion: The hosting region for your Amazon Web Services. You can obtain the AWS Region value by navigating to the Buckets List page of your Amazon S3 service, for example, us-east-1.

Authenticating to Databricks

CData supports the following authentication schemes:

• Basic
• Personal Access Token
• Azure Active Directory (AD)
• Azure Service Principal

Basic

Basic authentication requires a username and password. Set the following:

• AuthScheme: Basic.
• User: Your username. This overrides the default value ("Token").
• Token: Your password.

Personal Access Token

To authenticate, set the following:

• AuthScheme: PersonalAccessToken.
• Token: The token used to access the Databricks server. It can be obtained by navigating to the User Settings page of your Databricks instance and selecting the Access Tokens tab.

Azure Active Directory

To authenticate, follow these steps:

1. Register an application with the AzureAD (now known as Microsoft Entra ID) endpoint in the Azure portal. See Configure an app in Azure portal for how to create and register the application. Alternatively, you can use a AzureAD application that is already registered.

2. Set these properties:
   • AzureTenant: The "Directory(tenant) ID" in the AzureAD application "Overview" page
   • OAuthClientId: The "Application(client) ID" in the AzureAD application "Overview" page.
   • CallbackURL: The "Redirect URIs" in AzureAD application "Authentication" page

3. When connecting, a web page opens that prompts you to authenticate. After successful authentication, the connection is established.

Here is an example of the connection string:

"Server=https://adb-8439982502599436.16.azuredatabricks.net;HTTPPath=sql/protocolv1/o/8439982502599436/0810-011933-odsz4s3r;database=default;
AuthScheme=AzureAD;InitiateOAuth=GETANDREFRESH;AzureTenant=94be69e7-edb4-4fda-ab12-95bfc22b232f;OAuthClientId=f544a825-9b69-43d9-bec2-3e99727a1669;CallbackURL=http://localhost;"

Azure AD Service Principal

To authenticate, set the following properties:

• AuthScheme: AzureServicePrincipal.
• AzureTenantId: The tenant ID of your Microsoft Azure Active Directory.
• AzureClientId: The application (client) ID of your Microsoft Azure Active Directory application.
• AzureClientSecret: The application (client) secret of your Microsoft Azure Active Directory application.
• AzureSubscriptionId: The Subscription Id of your Microsoft Azure Databricks Service Workspace.
• AzureResourceGroup: The Resource Group name of your Microsoft Azure Databricks Service Workspace.
• AzureWorkspace: The name of your Microsoft Azure Databricks Service Workspace.

This section details a selection of advanced features of the Databricks Sync App.

User Defined Views

The Sync App allows you to define virtual tables, called user defined views, whose contents are decided by a pre-configured query. These views are useful when you cannot directly control queries being issued to the drivers. See User Defined Views for an overview of creating and configuring custom views.

SSL Configuration

Use SSL Configuration to adjust how Sync App handles TLS/SSL certificate negotiations. You can choose from various certificate formats; see the SSLServerCert property under "Connection String Options" for more information.

Firewall and Proxy

Configure the Sync App for compliance with Firewall and Proxy, including Windows proxies and HTTP proxies. You can also set up tunnel connections.

Query Processing

The Sync App offloads as much of the SELECT statement processing as possible to Databricks and then processes the rest of the query in memory (client-side).

See Query Processing for more information.

Logging

See Logging for an overview of configuration settings that can be used to refine CData logging. For basic logging, you only need to set two connection properties, but there are numerous features that support more refined logging, where you can select subsets of information to be logged using the LogModules connection property.

Customizing the SSL Configuration

By default, the Sync App attempts to negotiate SSL/TLS by checking the server's certificate against the system's trusted certificate store.

To specify another certificate, see the SSLServerCert property for the available formats to do so.

Client SSL Certificates

The Databricks Sync App also supports setting client certificates. Set the following to connect using a client certificate.

• SSLClientCert: The name of the certificate store for the client certificate.
• SSLClientCertType: The type of key store containing the TLS/SSL client certificate.
• SSLClientCertPassword: The password for the TLS/SSL client certificate.
• SSLClientCertSubject: The subject of the TLS/SSL client certificate.

Connecting Through a Firewall or Proxy

HTTP Proxies

To connect through the Windows system proxy, you do not need to set any additional connection properties. To connect to other proxies, set ProxyAutoDetect to false.

In addition, to authenticate to an HTTP proxy, set ProxyAuthScheme, ProxyUser, and ProxyPassword, in addition to ProxyServer and ProxyPort.

Other Proxies

Set the following properties:

• To use a proxy-based firewall, set FirewallType, FirewallServer, and FirewallPort.
• To tunnel the connection, set FirewallType to TUNNEL.
• To authenticate, specify FirewallUser and FirewallPassword.
• To authenticate to a SOCKS proxy, additionally set FirewallType to SOCKS5.

The Sync App leverages Databricks Thrift to enable bidirectional SQL access to Databricks data. It supports Databricks databases running Databricks Runtime Version 9.1 - 13.X and the Pro and Classic Databricks SQL versions.

Discovering Schemas

The CData Sync App dynamically obtains the Databricks schemas; reconnect to pick up any metadata changes, such as added or removed columns or changes in data type.

The connection string properties are the various options that can be used to establish a connection. This section provides a complete list of the options you can configure in the connection string for this provider. Click the links for further details.

For more information on establishing a connection, see Establishing a Connection.

Authentication

---

Property	Description
AuthScheme	The authentication scheme used. Accepted entries are PersonalAccessToken, AzureServicePrincipal.
Server	The host name or IP address of the server hosting the Databricks database.
User	The username used to authenticate with Databricks.
ProtocolVersion	The Protocol Version used to authenticate with Databricks.
Database	The name of the Databricks database.
HTTPPath	The path component of the URL endpoint.
Token	The token used to access the Databricks server.

AWS Authentication

---

Property	Description
AWSAccessKey	Your AWS account access key. This value is accessible from your AWS security credentials page.
AWSSecretKey	Your AWS account secret key. This value is accessible from your AWS security credentials page.
AWSRegion	The hosting region for your Amazon Web Services.
AWSS3Bucket	The name of your AWS S3 bucket.

Azure Authentication

---

Property	Description
AzureStorageAccount	The name of your Azure storage account.
AzureAccessKey	The storage key associated with your Azure account.
AzureTenant	The Microsoft Online tenant being used to access data. If not specified, your default tenant is used.
AzureBlobContainer	The name of your Azure Blob storage container.

AzureServicePrincipal Authentication

---

Property	Description
AzureTenantId	The Tenant id of your Microsoft Azure Active Directory.
AzureClientId	The application(client) id of your Microsoft Azure Active Directory application.
AzureClientSecret	The application(client) secret of your Microsoft Azure Active Directory application.
AzureSubscriptionId	The Subscription id of your Azure Databricks Service Workspace.
AzureResourceGroup	The Resource Group name of your Azure Databricks Service Workspace.
AzureWorkspace	The name of your Azure Databricks Service Workspace.

OAuth

---

Property	Description
OAuthClientId	The client Id assigned when you register your application with an OAuth authorization server.

SSL

---

Property	Description
SSLClientCert	The TLS/SSL client certificate store for SSL Client Authentication (2-way SSL).
SSLClientCertType	The type of key store containing the TLS/SSL client certificate.
SSLClientCertPassword	The password for the TLS/SSL client certificate.
SSLClientCertSubject	The subject of the TLS/SSL client certificate.
SSLServerCert	The certificate to be accepted from the server when connecting using TLS/SSL.

Firewall

---

Property	Description
FirewallType	The protocol used by a proxy-based firewall.
FirewallServer	The name or IP address of a proxy-based firewall.
FirewallPort	The TCP port for a proxy-based firewall.
FirewallUser	The user name to use to authenticate with a proxy-based firewall.
FirewallPassword	A password used to authenticate to a proxy-based firewall.

Proxy

---

Property	Description
ProxyAutoDetect	This indicates whether to use the system proxy settings or not.
ProxyServer	The hostname or IP address of a proxy to route HTTP traffic through.
ProxyPort	The TCP port the ProxyServer proxy is running on.
ProxyAuthScheme	The authentication type to use to authenticate to the ProxyServer proxy.
ProxyUser	A user name to be used to authenticate to the ProxyServer proxy.
ProxyPassword	A password to be used to authenticate to the ProxyServer proxy.
ProxySSLType	The SSL type to use when connecting to the ProxyServer proxy.
ProxyExceptions	A semicolon separated list of destination hostnames or IPs that are exempt from connecting through the ProxyServer .

Logging

---

Property	Description
LogModules	Core modules to be included in the log file.

Schema

---

Property	Description
Location	A path to the directory that contains the schema files defining tables, views, and stored procedures.
BrowsableSchemas	This property restricts the schemas reported to a subset of the available schemas. For example, BrowsableSchemas=SchemaA,SchemaB,SchemaC.
Tables	This property restricts the tables reported to a subset of the available tables. For example, Tables=TableA,TableB,TableC.
Views	Restricts the views reported to a subset of the available tables. For example, Views=ViewA,ViewB,ViewC.
Catalog	The default catalog name.
PrimaryKeyIdentifiers	Set this property to define primary keys.

Databricks

---

Property	Description
CloudStorageType	Determine which cloud storage service will be used.
StoreTableInCloud	This option specifies whether Databricks server will create and save tables in cloud storage.
QueryTableDetails	Specifies whether to use DESCRIBE FORMATTED ... to query detailed table information. If set to True, the query runs for a long time.
UseUploadApi	This option specifies whether the Databricks Upload API will be used when executing Bulk INSERT operations.
UseCloudFetch	This option specifies whether to use CloudWatch to improve query efficiency when the data volume of the table is large.
UseLegacyDataModel	This option specifies whether to support Unity Catalog.
QueryAllMetadata	This option specifies whether to query all catalogs and schemas/databases or only the default catalog and schema/database if catalog and schema parameters are not specified when querying metadata. The default catalog is specified by the property Catalog . The default schema/database is specified by the property Database .

Miscellaneous

---

Property	Description
AllowPreparedStatement	Prepare a query statement before its execution.
ConnectRetryWaitTime	This property specifies the number of seconds to wait prior to retrying a connection request. It only applies to the following case: when attempting to establish a connection to the Databricks cluster, you receive the response 'HTTP response with error code 503: The Cluster is starting'.
ApplicationName	The application name connection string property expresses the HTTP User-Agent.
AsyncQueryTimeout	The timeout for asynchronous requests issued by the provider to download large result sets.
DescribeCommand	The describe command used to communicate with the Hive server. Accepted entries are DESCRIBE and DESC.
DetectView	Specifies whether to use DESCRIBE FORMATTED ... to detect the specified table is view or not.
MaxRows	Limits the number of rows returned when no aggregation or GROUP BY is used in the query. This takes precedence over LIMIT clauses.
Other	These hidden properties are used only in specific use cases.
PseudoColumns	This property indicates whether or not to include pseudo columns as columns to the table.
QueryPassthrough	This option passes the query to the Databricks server as is.
ServerConfigurations	A name-value list of server configuration variables to override the server defaults.
Timeout	The value in seconds until the timeout error is thrown, canceling the operation.
UseDescTableQuery	This option specifies whether the columns will be retrieved using a DESC TABLE query or the GetColumns Thrift API.The GetColumns Thrift API works for the Apache Spark 3.0.0 or later.
UseInsertSelectSyntax	Specifies whether to use an INSERT INTO SELECT statement.
UserDefinedViews	A filepath pointing to the JSON configuration file containing your custom views.

This section provides a complete list of the Authentication properties you can configure in the connection string for this provider.

---

Property	Description
AuthScheme	The authentication scheme used. Accepted entries are PersonalAccessToken, AzureServicePrincipal.
Server	The host name or IP address of the server hosting the Databricks database.
User	The username used to authenticate with Databricks.
ProtocolVersion	The Protocol Version used to authenticate with Databricks.
Database	The name of the Databricks database.
HTTPPath	The path component of the URL endpoint.
Token	The token used to access the Databricks server.

The authentication scheme used. Accepted entries are PersonalAccessToken, AzureServicePrincipal.

Remarks

The Sync App supports the following authentication mechanisms. See the Getting Started chapter for authentication guides.

• PersonalAccessToken: Set this to authenticate with Databricks' access token.
• Basic: Set this to authenticate with Databricks' user and access token.
• AzureServicePrincipal: Set this along with AzureTenantId, AzureClientId, AzureClientSecret, AzureSubscriptionId, AzureResourceGroup and AzureWorkspace to authenticate with the Azure Service Principal. You should follow the instructions in https://docs.microsoft.com/en-us/azure/databricks/dev-tools/api/latest/aad/service-prin-aad-token#--provision-a-service-principal-in-azure-portal to register an AzureAD application(client), and then follow the instructions in https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal?tabs=current to make sure that the service principal is assigned the Contributor or Owner role on the target Databricks workspace resource in Azure.
• AzureAD: Set this along with AzureTenant, OAuthClientId and CallbackURL to authenticate with the Azure Active Directory OAuth. You should follow the instructions in https://learn.microsoft.com/en-us/azure/databricks/dev-tools/api/latest/aad/app-aad-token#configure-an-app-in-azure-portal to register an AzureAD application(client).

The host name or IP address of the server hosting the Databricks database.

Remarks

The host name or IP address of the server hosting the Databricks database.

The username used to authenticate with Databricks.

Remarks

The username used to authenticate with Databricks.

The Protocol Version used to authenticate with Databricks.

Remarks

The Protocol Version used to authenticate with Databricks.

The name of the Databricks database.

Remarks

The name of the Databricks database.

The path component of the URL endpoint.

Remarks

This property is used to specify the path component of the URL endpoint.

This property can be found by following the path: Databricks main page -> Compute(in left panel) -> {your Cluster} -> Advanced options(in Configuration tab) -> JDBC/ODBC - HTTP Path

The token used to access the Databricks server.

Remarks

The token can be obtained by navigating to the User Settings page of your Databricks instance and selecting the Access Tokens tab.

This section provides a complete list of the AWS Authentication properties you can configure in the connection string for this provider.

---

Property	Description
AWSAccessKey	Your AWS account access key. This value is accessible from your AWS security credentials page.
AWSSecretKey	Your AWS account secret key. This value is accessible from your AWS security credentials page.
AWSRegion	The hosting region for your Amazon Web Services.
AWSS3Bucket	The name of your AWS S3 bucket.

Your AWS account access key. This value is accessible from your AWS security credentials page.

Remarks

Your AWS account access key. This value is accessible from your AWS security credentials page:

1. Sign into the AWS Management console with the credentials for your root account.
2. Select your account name or number and select My Security Credentials in the menu that is displayed.
3. Click Continue to Security Credentials and expand the Access Keys section to manage or create root account access keys.

Your AWS account secret key. This value is accessible from your AWS security credentials page.

Remarks

Your AWS account secret key. This value is accessible from your AWS security credentials page:

1. Sign into the AWS Management console with the credentials for your root account.
2. Select your account name or number and select My Security Credentials in the menu that is displayed.
3. Click Continue to Security Credentials and expand the Access Keys section to manage or create root account access keys.

The hosting region for your Amazon Web Services.

Remarks

The hosting region for your Amazon Web Services. Available values are OHIO, NORTHERNVIRGINIA, NORTHERNCALIFORNIA, OREGON, CAPETOWN, HONGKONG, JAKARTA, MUMBAI, OSAKA, SEOUL, SINGAPORE, SYDNEY, TOKYO, CENTRAL, BEIJING, NINGXIA, FRANKFURT, IRELAND, LONDON, MILAN, PARIS, STOCKHOLM, ZURICH, BAHRAIN, UAE, SAOPAULO, GOVCLOUDEAST, and GOVCLOUDWEST.

The name of your AWS S3 bucket.

Remarks

The name of your AWS S3 bucket.

This section provides a complete list of the Azure Authentication properties you can configure in the connection string for this provider.

---

Property	Description
AzureStorageAccount	The name of your Azure storage account.
AzureAccessKey	The storage key associated with your Azure account.
AzureTenant	The Microsoft Online tenant being used to access data. If not specified, your default tenant is used.
AzureBlobContainer	The name of your Azure Blob storage container.

The name of your Azure storage account.

Remarks

The name of your Azure storage account.

The storage key associated with your Azure account.

Remarks

The storage key associated with your Databricks account. You can retrieve it as follows:

1. Sign into the azure portal with the credentials for your root account. (https://portal.azure.com/)
2. Click on storage accounts and select the storage account you want to use.
3. Under settings, click Access keys.
4. Your storage account name and key will be displayed on that page.

The Microsoft Online tenant being used to access data. If not specified, your default tenant is used.

Remarks

The Microsoft Online tenant being used to access data. For instance, contoso.onmicrosoft.com. Alternatively, specify the tenant Id. This value is the directory Id in the Azure Portal > Azure Active Directory > Properties.

Typically it is not necessary to specify the Tenant. This can be automatically determined by Microsoft when using the OAuthGrantType set to CODE (default). However, it may fail in the case that the user belongs to multiple tenants. For instance, if an Admin of domain A invites a user of domain B to be a guest user. The user will now belong to both tenants. It is a good practice to specify the Tenant, although in general things should normally work without having to specify it.

The AzureTenant is required when setting OAuthGrantType to CLIENT. When using client credentials, there is no user context. The credentials are taken from the context of the app itself. While Microsoft still allows client credentials to be obtained without specifying which Tenant, it has a much lower probability of picking the specific tenant you want to work with. For this reason, we require AzureTenant to be explicitly stated for all client credentials connections to ensure you get credentials that are applicable for the domain you intend to connect to.

The name of your Azure Blob storage container.

Remarks

The name of your Azure Blob storage container.

This section provides a complete list of the AzureServicePrincipal Authentication properties you can configure in the connection string for this provider.

---

Property	Description
AzureTenantId	The Tenant id of your Microsoft Azure Active Directory.
AzureClientId	The application(client) id of your Microsoft Azure Active Directory application.
AzureClientSecret	The application(client) secret of your Microsoft Azure Active Directory application.
AzureSubscriptionId	The Subscription id of your Azure Databricks Service Workspace.
AzureResourceGroup	The Resource Group name of your Azure Databricks Service Workspace.
AzureWorkspace	The name of your Azure Databricks Service Workspace.

The Tenant id of your Microsoft Azure Active Directory.

Remarks

The Tenant id of your Microsoft Azure Active Directory.

The application(client) id of your Microsoft Azure Active Directory application.

Remarks

The application(client) can be registered following the AuthScheme -> AzureServicePrincipal.

The application(client) secret of your Microsoft Azure Active Directory application.

Remarks

The application(client) can be registered following the AuthScheme -> AzureServicePrincipal.

The Subscription id of your Azure Databricks Service Workspace.

Remarks

The Subscription id of your Azure Databricks Service Workspace.

The Resource Group name of your Azure Databricks Service Workspace.

Remarks

The Resource Group name of your Azure Databricks Service Workspace.

The name of your Azure Databricks Service Workspace.

Remarks

The name of your Azure Databricks Service Workspace.

This section provides a complete list of the OAuth properties you can configure in the connection string for this provider.

---

Property	Description
OAuthClientId	The client Id assigned when you register your application with an OAuth authorization server.

The client Id assigned when you register your application with an OAuth authorization server.

Remarks

As part of registering an OAuth application, you will receive the OAuthClientId value, sometimes also called a consumer key, and a client secret, the OAuthClientSecret.

This section provides a complete list of the SSL properties you can configure in the connection string for this provider.

---

Property	Description
SSLClientCert	The TLS/SSL client certificate store for SSL Client Authentication (2-way SSL).
SSLClientCertType	The type of key store containing the TLS/SSL client certificate.
SSLClientCertPassword	The password for the TLS/SSL client certificate.
SSLClientCertSubject	The subject of the TLS/SSL client certificate.
SSLServerCert	The certificate to be accepted from the server when connecting using TLS/SSL.

The TLS/SSL client certificate store for SSL Client Authentication (2-way SSL).

Remarks

The name of the certificate store for the client certificate.

The SSLClientCertType field specifies the type of the certificate store specified by SSLClientCert. If the store is password protected, specify the password in SSLClientCertPassword.

SSLClientCert is used in conjunction with the SSLClientCertSubject field in order to specify client certificates. If SSLClientCert has a value, and SSLClientCertSubject is set, a search for a certificate is initiated. See SSLClientCertSubject for more information.

Designations of certificate stores are platform-dependent.

The following are designations of the most common User and Machine certificate stores in Windows:

MY	A certificate store holding personal certificates with their associated private keys.
CA	Certifying authority certificates.
ROOT	Root certificates.
SPC	Software publisher certificates.

In Java, the certificate store normally is a file containing certificates and optional private keys.

When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (for example, PKCS12 certificate store).

The type of key store containing the TLS/SSL client certificate.

Remarks

This property can take one of the following values:

USER - default	For Windows, this specifies that the certificate store is a certificate store owned by the current user. Note that this store type is not available in Java.
MACHINE	For Windows, this specifies that the certificate store is a machine store. Note that this store type is not available in Java.
PFXFILE	The certificate store is the name of a PFX (PKCS12) file containing certificates.
PFXBLOB	The certificate store is a string (base-64-encoded) representing a certificate store in PFX (PKCS12) format.
JKSFILE	The certificate store is the name of a Java key store (JKS) file containing certificates. Note that this store type is only available in Java.
JKSBLOB	The certificate store is a string (base-64-encoded) representing a certificate store in JKS format. Note that this store type is only available in Java.
PEMKEY_FILE	The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate.
PEMKEY_BLOB	The certificate store is a string (base64-encoded) that contains a private key and an optional certificate.
PUBLIC_KEY_FILE	The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate.
PUBLIC_KEY_BLOB	The certificate store is a string (base-64-encoded) that contains a PEM- or DER-encoded public key certificate.
SSHPUBLIC_KEY_FILE	The certificate store is the name of a file that contains an SSH-style public key.
SSHPUBLIC_KEY_BLOB	The certificate store is a string (base-64-encoded) that contains an SSH-style public key.
P7BFILE	The certificate store is the name of a PKCS7 file containing certificates.
PPKFILE	The certificate store is the name of a file that contains a PuTTY Private Key (PPK).
XMLFILE	The certificate store is the name of a file that contains a certificate in XML format.
XMLBLOB	The certificate store is a string that contains a certificate in XML format.

The password for the TLS/SSL client certificate.

Remarks

If the certificate store is of a type that requires a password, this property is used to specify that password to open the certificate store.

The subject of the TLS/SSL client certificate.

Remarks

When loading a certificate the subject is used to locate the certificate in the store.

If an exact match is not found, the store is searched for subjects containing the value of the property. If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks the first certificate in the certificate store.

The certificate subject is a comma separated list of distinguished name fields and values. For example, "CN=www.server.com, OU=test, C=US, [email protected]". The common fields and their meanings are shown below.

Field	Meaning
CN	Common Name. This is commonly a host name like www.server.com.
O	Organization
OU	Organizational Unit
L	Locality
S	State
C	Country
E	Email Address

If a field value contains a comma, it must be quoted.

The certificate to be accepted from the server when connecting using TLS/SSL.

Remarks

If using a TLS/SSL connection, this property can be used to specify the TLS/SSL certificate to be accepted from the server. Any other certificate that is not trusted by the machine is rejected.

This property can take the following forms:

Description	Example
A full PEM Certificate (example shortened for brevity)	-----BEGIN CERTIFICATE----- MIIChTCCAe4CAQAwDQYJKoZIhv......Qw== -----END CERTIFICATE-----
A path to a local file containing the certificate	C:\cert.cer
The public key (example shortened for brevity)	-----BEGIN RSA PUBLIC KEY----- MIGfMA0GCSq......AQAB -----END RSA PUBLIC KEY-----
The MD5 Thumbprint (hex values can also be either space or colon separated)	ecadbdda5a1529c58a1e9e09828d70e4
The SHA1 Thumbprint (hex values can also be either space or colon separated)	34a929226ae0819f2ec14b4a3d904f801cbb150d

If not specified, any certificate trusted by the machine is accepted.

Use '*' to signify to accept all certificates. Note that this is not recommended due to security concerns.

This section provides a complete list of the Firewall properties you can configure in the connection string for this provider.

---

Property	Description
FirewallType	The protocol used by a proxy-based firewall.
FirewallServer	The name or IP address of a proxy-based firewall.
FirewallPort	The TCP port for a proxy-based firewall.
FirewallUser	The user name to use to authenticate with a proxy-based firewall.
FirewallPassword	A password used to authenticate to a proxy-based firewall.

The protocol used by a proxy-based firewall.

Remarks

This property specifies the protocol that the Sync App will use to tunnel traffic through the FirewallServer proxy. Note that by default, the Sync App connects to the system proxy; to disable this behavior and connect to one of the following proxy types, set ProxyAutoDetect to false.

Type	Default Port	Description
TUNNEL	80	When this is set, the Sync App opens a connection to Databricks and traffic flows back and forth through the proxy.
SOCKS4	1080	When this is set, the Sync App sends data through the SOCKS 4 proxy specified by FirewallServer and FirewallPort and passes the FirewallUser value to the proxy, which determines if the connection request should be granted.
SOCKS5	1080	When this is set, the Sync App sends data through the SOCKS 5 proxy specified by FirewallServer and FirewallPort. If your proxy requires authentication, set FirewallUser and FirewallPassword to credentials the proxy recognizes.

To connect to HTTP proxies, use ProxyServer and ProxyPort. To authenticate to HTTP proxies, use ProxyAuthScheme, ProxyUser, and ProxyPassword.

The name or IP address of a proxy-based firewall.

Remarks

This property specifies the IP address, DNS name, or host name of a proxy allowing traversal of a firewall. The protocol is specified by FirewallType: Use FirewallServer with this property to connect through SOCKS or do tunneling. Use ProxyServer to connect to an HTTP proxy.

Note that the Sync App uses the system proxy by default. To use a different proxy, set ProxyAutoDetect to false.

The TCP port for a proxy-based firewall.

Remarks

This specifies the TCP port for a proxy allowing traversal of a firewall. Use FirewallServer to specify the name or IP address. Specify the protocol with FirewallType.

The user name to use to authenticate with a proxy-based firewall.

Remarks

The FirewallUser and FirewallPassword properties are used to authenticate against the proxy specified in FirewallServer and FirewallPort, following the authentication method specified in FirewallType.

A password used to authenticate to a proxy-based firewall.

Remarks

This property is passed to the proxy specified by FirewallServer and FirewallPort, following the authentication method specified by FirewallType.

This section provides a complete list of the Proxy properties you can configure in the connection string for this provider.

---

Property	Description
ProxyAutoDetect	This indicates whether to use the system proxy settings or not.
ProxyServer	The hostname or IP address of a proxy to route HTTP traffic through.
ProxyPort	The TCP port the ProxyServer proxy is running on.
ProxyAuthScheme	The authentication type to use to authenticate to the ProxyServer proxy.
ProxyUser	A user name to be used to authenticate to the ProxyServer proxy.
ProxyPassword	A password to be used to authenticate to the ProxyServer proxy.
ProxySSLType	The SSL type to use when connecting to the ProxyServer proxy.
ProxyExceptions	A semicolon separated list of destination hostnames or IPs that are exempt from connecting through the ProxyServer .

This indicates whether to use the system proxy settings or not.

Remarks

This takes precedence over other proxy settings, so you'll need to set ProxyAutoDetect to FALSE in order use custom proxy settings.

To connect to an HTTP proxy, see ProxyServer. For other proxies, such as SOCKS or tunneling, see FirewallType.

The hostname or IP address of a proxy to route HTTP traffic through.

Remarks

The hostname or IP address of a proxy to route HTTP traffic through. The Sync App can use the HTTP, Windows (NTLM), or Kerberos authentication types to authenticate to an HTTP proxy.

If you need to connect through a SOCKS proxy or tunnel the connection, see FirewallType.

By default, the Sync App uses the system proxy. If you need to use another proxy, set ProxyAutoDetect to false.

The TCP port the ProxyServer proxy is running on.

Remarks

The port the HTTP proxy is running on that you want to redirect HTTP traffic through. Specify the HTTP proxy in ProxyServer. For other proxy types, see FirewallType.

The authentication type to use to authenticate to the ProxyServer proxy.

Remarks

This value specifies the authentication type to use to authenticate to the HTTP proxy specified by ProxyServer and ProxyPort.

Note that the Sync App will use the system proxy settings by default, without further configuration needed; if you want to connect to another proxy, you will need to set ProxyAutoDetect to false, in addition to ProxyServer and ProxyPort. To authenticate, set ProxyAuthScheme and set ProxyUser and ProxyPassword, if needed.

The authentication type can be one of the following:

• BASIC: The Sync App performs HTTP BASIC authentication.
• DIGEST: The Sync App performs HTTP DIGEST authentication.
• NEGOTIATE: The Sync App retrieves an NTLM or Kerberos token based on the applicable protocol for authentication.
• PROPRIETARY: The Sync App does not generate an NTLM or Kerberos token. You must supply this token in the Authorization header of the HTTP request.

If you need to use another authentication type, such as SOCKS 5 authentication, see FirewallType.

A user name to be used to authenticate to the ProxyServer proxy.

Remarks

The ProxyUser and ProxyPassword options are used to connect and authenticate against the HTTP proxy specified in ProxyServer.

You can select one of the available authentication types in ProxyAuthScheme. If you are using HTTP authentication, set this to the user name of a user recognized by the HTTP proxy. If you are using Windows or Kerberos authentication, set this property to a user name in one of the following formats:

user@domain
domain\user

A password to be used to authenticate to the ProxyServer proxy.

Remarks

This property is used to authenticate to an HTTP proxy server that supports NTLM (Windows), Kerberos, or HTTP authentication. To specify the HTTP proxy, you can set ProxyServer and ProxyPort. To specify the authentication type, set ProxyAuthScheme.

If you are using HTTP authentication, additionally set ProxyUser and ProxyPassword to HTTP proxy.

If you are using NTLM authentication, set ProxyUser and ProxyPassword to your Windows password. You may also need these to complete Kerberos authentication.

For SOCKS 5 authentication or tunneling, see FirewallType.

By default, the Sync App uses the system proxy. If you want to connect to another proxy, set ProxyAutoDetect to false.

The SSL type to use when connecting to the ProxyServer proxy.

Remarks

This property determines when to use SSL for the connection to an HTTP proxy specified by ProxyServer. This value can be AUTO, ALWAYS, NEVER, or TUNNEL. The applicable values are the following:

AUTO	Default setting. If the URL is an HTTPS URL, the Sync App will use the TUNNEL option. If the URL is an HTTP URL, the component will use the NEVER option.
ALWAYS	The connection is always SSL enabled.
NEVER	The connection is not SSL enabled.
TUNNEL	The connection is through a tunneling proxy. The proxy server opens a connection to the remote host and traffic flows back and forth through the proxy.

A semicolon separated list of destination hostnames or IPs that are exempt from connecting through the ProxyServer .

Remarks

The ProxyServer is used for all addresses, except for addresses defined in this property. Use semicolons to separate entries.

Note that the Sync App uses the system proxy settings by default, without further configuration needed; if you want to explicitly configure proxy exceptions for this connection, you need to set ProxyAutoDetect = false, and configure ProxyServer and ProxyPort. To authenticate, set ProxyAuthScheme and set ProxyUser and ProxyPassword, if needed.

This section provides a complete list of the Logging properties you can configure in the connection string for this provider.

---

Property	Description
LogModules	Core modules to be included in the log file.

Core modules to be included in the log file.

Remarks

Only the modules specified (separated by ';') will be included in the log file. By default all modules are included.

See the Logging page for an overview.

This section provides a complete list of the Schema properties you can configure in the connection string for this provider.

---

Property	Description
Location	A path to the directory that contains the schema files defining tables, views, and stored procedures.
BrowsableSchemas	This property restricts the schemas reported to a subset of the available schemas. For example, BrowsableSchemas=SchemaA,SchemaB,SchemaC.
Tables	This property restricts the tables reported to a subset of the available tables. For example, Tables=TableA,TableB,TableC.
Views	Restricts the views reported to a subset of the available tables. For example, Views=ViewA,ViewB,ViewC.
Catalog	The default catalog name.
PrimaryKeyIdentifiers	Set this property to define primary keys.

A path to the directory that contains the schema files defining tables, views, and stored procedures.

Remarks

The path to a directory which contains the schema files for the Sync App (.rsd files for tables and views, .rsb files for stored procedures). The folder location can be a relative path from the location of the executable. The Location property is only needed if you want to customize definitions (for example, change a column name, ignore a column, and so on) or extend the data model with new tables, views, or stored procedures.

If left unspecified, the default location is "%APPDATA%\\CData\\Databricks Data Provider\\Schema" with %APPDATA% being set to the user's configuration directory:

Platform	%APPDATA%
Windows	The value of the APPDATA environment variable
Linux	~/.config

This property restricts the schemas reported to a subset of the available schemas. For example, BrowsableSchemas=SchemaA,SchemaB,SchemaC.

Remarks

Listing the schemas from databases can be expensive. Providing a list of schemas in the connection string improves the performance.

This property restricts the tables reported to a subset of the available tables. For example, Tables=TableA,TableB,TableC.

Remarks

Listing the tables from some databases can be expensive. Providing a list of tables in the connection string improves the performance of the Sync App.

This property can also be used as an alternative to automatically listing views if you already know which ones you want to work with and there would otherwise be too many to work with.

Specify the tables you want in a comma-separated list. Each table should be a valid SQL identifier with any special characters escaped using square brackets, double-quotes or backticks. For example, Tables=TableA,[TableB/WithSlash],WithCatalog.WithSchema.`TableC With Space`.

Note that when connecting to a data source with multiple schemas or catalogs, you will need to provide the fully qualified name of the table in this property, as in the last example here, to avoid ambiguity between tables that exist in multiple catalogs or schemas.

Restricts the views reported to a subset of the available tables. For example, Views=ViewA,ViewB,ViewC.

Remarks

Listing the views from some databases can be expensive. Providing a list of views in the connection string improves the performance of the Sync App.

This property can also be used as an alternative to automatically listing views if you already know which ones you want to work with and there would otherwise be too many to work with.

Specify the views you want in a comma-separated list. Each view should be a valid SQL identifier with any special characters escaped using square brackets, double-quotes or backticks. For example, Views=ViewA,[ViewB/WithSlash],WithCatalog.WithSchema.`ViewC With Space`.

Note that when connecting to a data source with multiple schemas or catalogs, you will need to provide the fully qualified name of the table in this property, as in the last example here, to avoid ambiguity between tables that exist in multiple catalogs or schemas.

The default catalog name.

Remarks

When the property UseLegacyDataModel is set to True, this property also needs to be set to sepecify a default catalog. In most cases this should be "hive_metastore".

Set this property to define primary keys.

Remarks

Databricks does not natively support primary keys, but for certain DML operations or database tools you may need to define them. By default this option is disabled so that no tables have primary keys.

Primary keys are defined using a list of rules that match tables and provide a list of key columns. For example, PrimaryKeyIdentifiers="*=my_key;my_table=my_key2,my_key3;my_nokeys_table=;" has three rules separated by semicolons:

1. The first rule *=my_key means that every table without a more specific rule contains one primary key column called my_key. Tables without a my_key column do not have any primary keys. Multiple keys are supported; set *=my_key,my_key2" to specify them.
2. The second rule my_table=my_key2,my_key3 means that the my_table table contains the two primary key columns my_key2 and my_key3. If any of those columns are missing from the table they are ignored.
3. The third rule my_nokeys_table= means that the my_nokeys_table table has no primary keys. The only use that empty key lists have is overriding the default rule. If there is no default rule present, only tables with primary keys are explicitly listed.

Note that the table names can include

• just the table
• the table and schema
• the table, schema, and catalog

You can use SQL quotes to specify column and table names:

/* Rules with just table names use the default connection Catalog and Schema. 
   All these rules refer to the same table with a connection where Catalog=someCatalog;Schema=someSchema */

someTable=a,b,c
someSchema.someTable=a,b,c
someCatalog.someSchema.someTable=a,b,c

/* Any table or column name may be quoted */
`someCatalog`."someSchema".[someTable]=`a`,[b],"c"

This section provides a complete list of the Databricks properties you can configure in the connection string for this provider.

---

Property	Description
CloudStorageType	Determine which cloud storage service will be used.
StoreTableInCloud	This option specifies whether Databricks server will create and save tables in cloud storage.
QueryTableDetails	Specifies whether to use DESCRIBE FORMATTED ... to query detailed table information. If set to True, the query runs for a long time.
UseUploadApi	This option specifies whether the Databricks Upload API will be used when executing Bulk INSERT operations.
UseCloudFetch	This option specifies whether to use CloudWatch to improve query efficiency when the data volume of the table is large.
UseLegacyDataModel	This option specifies whether to support Unity Catalog.
QueryAllMetadata	This option specifies whether to query all catalogs and schemas/databases or only the default catalog and schema/database if catalog and schema parameters are not specified when querying metadata. The default catalog is specified by the property Catalog . The default schema/database is specified by the property Database .

Determine which cloud storage service will be used.

Remarks

By default, the "DBFS" provided by Databricks is used. If set to "Azure Blob storage", these properties are required: AzureStorageAccount AzureAccessKey AzureBlobContainer If set to "AWS S3", these properties are required: AWSAccessKey AWSSecretKey AWSS3Bucket AWSRegion

This option specifies whether Databricks server will create and save tables in cloud storage.

Remarks

Setting this property to "True" will create and save tables in cloud storage, in this case the CloudStorageType property cannot be "DBFS".

Specifies whether to use DESCRIBE FORMATTED ... to query detailed table information. If set to True, the query runs for a long time.

Remarks

Specifies whether to use DESCRIBE FORMATTED ... to query detailed table information. If set to True, the query runs for a long time.

This option specifies whether the Databricks Upload API will be used when executing Bulk INSERT operations.

Remarks

Setting this property to true will improve performance if there is a large amount of data in a Bulk INSERT operation.

This option specifies whether to use CloudWatch to improve query efficiency when the data volume of the table is large.

Remarks

This option specifies whether to use CloudWatch to improve query efficiency when the table contains over one million entries.

This option specifies whether to support Unity Catalog.

Remarks

True by default. This enables multi-catalog support for both the Unity Catalog and the single-catalog case. A single catalog is usually named "hive_metastore".

Setting this property to False disables multi-catalog support, in which case there is only one catalog, named "CData".

This option specifies whether to query all catalogs and schemas/databases or only the default catalog and schema/database if catalog and schema parameters are not specified when querying metadata. The default catalog is specified by the property Catalog . The default schema/database is specified by the property Database .

Remarks

True by default. The driver will query metadata from all catalogs and schemas/databases.

Setting this property to False to query metadata only from the default catalog and schema/database.

This section provides a complete list of the Miscellaneous properties you can configure in the connection string for this provider.

---

Property	Description
AllowPreparedStatement	Prepare a query statement before its execution.
ConnectRetryWaitTime	This property specifies the number of seconds to wait prior to retrying a connection request. It only applies to the following case: when attempting to establish a connection to the Databricks cluster, you receive the response 'HTTP response with error code 503: The Cluster is starting'.
ApplicationName	The application name connection string property expresses the HTTP User-Agent.
AsyncQueryTimeout	The timeout for asynchronous requests issued by the provider to download large result sets.
DescribeCommand	The describe command used to communicate with the Hive server. Accepted entries are DESCRIBE and DESC.
DetectView	Specifies whether to use DESCRIBE FORMATTED ... to detect the specified table is view or not.
MaxRows	Limits the number of rows returned when no aggregation or GROUP BY is used in the query. This takes precedence over LIMIT clauses.
Other	These hidden properties are used only in specific use cases.
PseudoColumns	This property indicates whether or not to include pseudo columns as columns to the table.
QueryPassthrough	This option passes the query to the Databricks server as is.
ServerConfigurations	A name-value list of server configuration variables to override the server defaults.
Timeout	The value in seconds until the timeout error is thrown, canceling the operation.
UseDescTableQuery	This option specifies whether the columns will be retrieved using a DESC TABLE query or the GetColumns Thrift API.The GetColumns Thrift API works for the Apache Spark 3.0.0 or later.
UseInsertSelectSyntax	Specifies whether to use an INSERT INTO SELECT statement.
UserDefinedViews	A filepath pointing to the JSON configuration file containing your custom views.

Prepare a query statement before its execution.

Remarks

If the AllowPreparedStatement property is set to false, statements are parsed each time they are executed. Setting this property to false can be useful if you are executing many different queries only once.

If you are executing the same query repeatedly, you will generally see better performance by leaving this property at the default, true. Preparing the query avoids recompiling the same query over and over. However, prepared statements also require the Sync App to keep the connection active and open while the statement is prepared.

This property specifies the number of seconds to wait prior to retrying a connection request. It only applies to the following case: when attempting to establish a connection to the Databricks cluster, you receive the response 'HTTP response with error code 503: The Cluster is starting'.

Remarks

Specify a reasonable positive integer value to enable this feature, generally 30-60 (seconds), and the default value '-1' means to disable this feature. Specify the maximum number of retries with MaximumRequestRetries.

The application name connection string property expresses the HTTP User-Agent.

Remarks

The format is

[isv-name+product-name]/[product-version] [comment]> 

where

• [isv-name+product-name] is the name of the application, with no spaces, parentheses, or new lines.
• [product-version] is the version number of the application, with no spaces, parentheses, or new lines.
• [comment] is optional, with no comma or new lines. Nested comments are not supported.

The timeout for asynchronous requests issued by the provider to download large result sets.

Remarks

If the AsyncQueryTimeout property is set to 0, asynchronous operations will not time out; instead, they will run until they complete successfully or encounter an error condition. This property is distinct from Timeout which applies to individual operations while AsyncQueryTimeout applies to execution time of the operation as a whole.

If AsyncQueryTimeout expires and the asynchronous request has not finished being processed, the Sync App raises an error condition.

The describe command used to communicate with the Hive server. Accepted entries are DESCRIBE and DESC.

Remarks

The describe command used to communicate with the Hive server. Accepted entries are DESCRIBE and DESC.

Specifies whether to use DESCRIBE FORMATTED ... to detect the specified table is view or not.

Remarks

Specifies whether to use DESCRIBE FORMATTED ... to detect the specified table is view or not.

Limits the number of rows returned when no aggregation or GROUP BY is used in the query. This takes precedence over LIMIT clauses.

Remarks

Limits the number of rows returned when no aggregation or GROUP BY is used in the query. This takes precedence over LIMIT clauses.

These hidden properties are used only in specific use cases.

Remarks

The properties listed below are available for specific use cases. Normal driver use cases and functionality should not require these properties.

Specify multiple properties in a semicolon-separated list.

Integration and Formatting

DefaultColumnSize	Sets the default length of string fields when the data source does not provide column length in the metadata. The default value is 2000.
ConvertDateTimeToGMT	Determines whether to convert date-time values to GMT, instead of the local time of the machine.
RecordToFile=filename	Records the underlying socket data transfer to the specified file.

This property indicates whether or not to include pseudo columns as columns to the table.

Remarks

This setting is particularly helpful in Entity Framework, which does not allow you to set a value for a pseudo column unless it is a table column. The value of this connection setting is of the format "Table1=Column1, Table1=Column2, Table2=Column3". You can use the "*" character to include all tables and all columns; for example, "*=*".

This option passes the query to the Databricks server as is.

Remarks

When this is set, queries are passed through directly to Databricks.

A name-value list of server configuration variables to override the server defaults.

Remarks

This property takes a comma separated list of configuration variables specified as name-value pairs. Any values specified here will be sent to the Hive server to override the default values.

Example: hive.enforce.bucketing=true,hive.enforce.sorting=true

The value in seconds until the timeout error is thrown, canceling the operation.

Remarks

If Timeout = 0, operations do not time out. The operations run until they complete successfully or until they encounter an error condition.

If Timeout expires and the operation is not yet complete, the Sync App throws an exception.

This option specifies whether the columns will be retrieved using a DESC TABLE query or the GetColumns Thrift API.The GetColumns Thrift API works for the Apache Spark 3.0.0 or later.

Remarks

When set to true, a DESC TABLE query will be issued to retrieve the columns for the table.

Specifies whether to use an INSERT INTO SELECT statement.

Remarks

When set to true, an INSERT INTO SELECT statement will be used when executing insert statements. When set to false, an INSERT INTO VALUES statement will be used.

Unless explicitly specified, this option will be configured accordingly based on the Databricks version.

A filepath pointing to the JSON configuration file containing your custom views.

Remarks

User Defined Views are defined in a JSON-formatted configuration file called UserDefinedViews.json. The Sync App automatically detects the views specified in this file.

You can also have multiple view definitions and control them using the UserDefinedViews connection property. When you use this property, only the specified views are seen by the Sync App.

This User Defined View configuration file is formatted as follows:

• Each root element defines the name of a view.
• Each root element contains a child element, called query, which contains the custom SQL query for the view.

For example:

{
	"MyView": {
		"query": "SELECT * FROM [CData].[Sample].Customers WHERE MyColumn = 'value'"
	},
	"MyView2": {
		"query": "SELECT * FROM MyTable WHERE Id IN (1,2,3)"
	}
}

Use the UserDefinedViews connection property to specify the location of your JSON configuration file. For example:

"UserDefinedViews", C:\Users\yourusername\Desktop\tmp\UserDefinedViews.json

Note that the specified path is not embedded in quotation marks.