Provisioning Users and Groups Using SCIM

Databricks supports SCIM, or System for Cross-domain Identity Management, an open standard that allows you to automate user provisioning. SCIM lets you use an identity provider (IdP) like Okta or Azure Active Directory to create users in Databricks and give them the proper level of access, as well as remove access for users (deprovision them) when they leave your organization or no longer need access to Databricks. You can also invoke the Databricks SCIM API directly to manage provisioning.

The Databricks SCIM API follows version 2.0 of the SCIM protocol.

Note

  • This feature is in Public Preview.
  • You must be a Databricks administrator to configure identity providers to provision users to Databricks or to invoke the Databricks SCIM API directly.

This section includes the following topics:

To learn how to use the Databricks SCIM API, see SCIM API.