In this post, we will see how to resolve "Unable to create token in Databricks using service principal".
Question: I have the below code to create a token in the Databricks workspace. The script uses the SPN for authentication, which is added as a user to the workspace and as a member of the admin group.
Best Answer: I tried to reproduce the same in my environment and got the same error as below:
The error usually occurs if the required roles are not granted to the Service Principal or if permissions are missing to perform the action.
Make sure to grant API permissions to the Azure AD Application like below:
Now, grant roles to the service principal like below:
Go to Azure Portal -> Azure Databricks -> Select your Databricks -> Access control (IAM) -> Add a role assignment -> Select Owner -> Search your service principal -> Save
Note: Make sure to assign the Owner or Contributor role to the Azure AD Application. Refer to this.
If the issue still persists, try the PowerShell script below:
PowerShell Gallery | Public/Connect-Databricks.ps1
Oauth 2.0 – access Azure Databricks API through Active Directory by Carl Zhao
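The flow the answer describes, written out as an added example (it is not the asker's code, the answerer's script, or the linked Connect-Databricks.ps1): the service principal obtains Azure AD tokens with the client-credentials grant and calls the workspace Token API. The tenant, client, workspace and resource ID values are placeholders, and the `DATABRICKS_SP_SECRET` environment variable name is an assumption.

```powershell
# Placeholders (assumed, not from the original post): replace with your own values.
$TenantId     = '<tenant-id>'
$ClientId     = '<application-client-id>'
$ClientSecret = $env:DATABRICKS_SP_SECRET   # assumed variable name; keep the secret out of the script
$WorkspaceUrl = 'https://<workspace-instance>.azuredatabricks.net'
$WorkspaceResourceId = '/subscriptions/<subscription-id>/resourceGroups/<resource-group>' +
                       '/providers/Microsoft.Databricks/workspaces/<workspace-name>'

function Get-SpnAccessToken {
    # Client-credentials grant against the Azure AD v2.0 token endpoint.
    param([Parameter(Mandatory)][string]$Scope)
    $body = @{
        grant_type    = 'client_credentials'
        client_id     = $ClientId
        client_secret = $ClientSecret
        scope         = $Scope
    }
    $uri = "https://login.microsoftonline.com/$TenantId/oauth2/v2.0/token"
    (Invoke-RestMethod -Method Post -Uri $uri -Body $body).access_token
}

# 2ff814a6-3304-4ab8-85cb-cd0e6f879c1d is the fixed application ID of the Azure Databricks resource.
$databricksToken = Get-SpnAccessToken -Scope '2ff814a6-3304-4ab8-85cb-cd0e6f879c1d/.default'
# Azure Resource Manager token: lets the workspace verify the Owner/Contributor role assignment.
$managementToken = Get-SpnAccessToken -Scope 'https://management.core.windows.net/.default'

$headers = @{
    Authorization                              = "Bearer $databricksToken"
    # The two headers below are required when the service principal is not yet a workspace
    # user and relies on its Owner/Contributor role on the workspace resource instead.
    'X-Databricks-Azure-SP-Management-Token'   = $managementToken
    'X-Databricks-Azure-Workspace-Resource-Id' = $WorkspaceResourceId
}
$payload = @{ lifetime_seconds = 3600; comment = 'created by service principal' } | ConvertTo-Json

try {
    $result = Invoke-RestMethod -Method Post -Uri "$WorkspaceUrl/api/2.0/token/create" `
        -Headers $headers -Body $payload -ContentType 'application/json'
    # Print only metadata; $result.token_value is the secret and belongs in a vault, not a log.
    "Created token $($result.token_info.token_id), expires $($result.token_info.expiry_time)"
} catch {
    $status = [int]$_.Exception.Response.StatusCode
    Write-Error "token/create failed with HTTP $status. Check the role assignment and API permissions described above."
}
```

A short `lifetime_seconds` value limits exposure if the token leaks; store `token_value` in a secret store such as Azure Key Vault rather than writing it to output.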