Specifies the authentication scheme that the provider uses to connect to Databricks.

Possible Values

PersonalAccessToken, OAuthU2M, OAuthM2M, AzureServicePrincipal, AzureAD, AzureMSI

Data Type

string

Default Value

"PersonalAccessToken"

Remarks

The AuthScheme property determines which authentication flow the server uses when connecting to Databricks. Each option requires a different set of supporting connection properties.

When set to PersonalAccessToken, the server authenticates by using a personal access token from Databricks.

When set to OAuthU2M, the server uses the OAuth user-to-machine (U2M) flow. Set OAuthLevel, DatabricksAccountId (optional), OAuthClientId, and CallbackURL.

When set to OAuthM2M, the server uses the OAuth machine-to-machine (M2M) flow. Set OAuthLevel, DatabricksAccountId (optional), OAuthClientId, and OAuthClientSecret. The client ID and secret can be generated by creating a Databricks service principal.

When this property is set to AzureServicePrincipal, the server authenticates with an Azure service principal. Set AzureTenantId, AzureClientId, and AzureClientSecret. Follow the instructions in Get Microsoft Entra ID tokens for service principals to register an Azure AD application, and in Assign Azure roles using the Azure portal to assign appropriate roles in Azure.

When set to AzureAD, the server authenticates through Azure Active Directory OAuth. Set AzureTenantId, OAuthClientId, OAuthClientSecret (optional), and CallbackURL. Follow the instructions in Configure an app in Azure portal to register an Azure AD application. The client secret is required only if the platform type in your Azure app is "Web".

When set to AzureMSI, the server automatically obtains Azure Managed Service Identity credentials when running on an Azure VM.