--- title: Databricks API Integration on Truto slug: databricks category: Analytics canonical: "https://truto.one/integrations/detail/databricks/" --- # Databricks API Integration on Truto **Category:** Analytics **Status:** Generally available ## Unified APIs ### Unified User Directory API - **Groups** — Groups are a collection of users in the source application. In some applications, they might also be called Teams. - **Users** — The User object represents a User. ## How it works 1. **Link your customer's Databricks account.** Use Truto's frontend SDK; we handle every OAuth and API key flow so you don't need to create the OAuth app. 2. **Authentication is automatic.** Truto refreshes tokens, stores credentials securely, and injects them into every API request. 3. **Call Truto's API to reach Databricks.** The Proxy API is a 1-to-1 mapping of the Databricks API. 4. **Get a unified response format.** Every response uses a single shape, with cursor-based pagination and data in the `result` field. ## Use cases - **Sync Databricks users and groups into your security or compliance product** — SaaS companies building data security, identity governance, or compliance tools need to enumerate who has access to a customer's Databricks environment. Pulling users and groups via Truto's Unified User Directory API gives you a normalized view without handling SCIM API quirks directly. - **Automate user provisioning and deprovisioning across data platforms** — HR, IT, and identity management SaaS products need to ensure that when an employee joins or leaves, their Databricks workspace access is updated in lockstep. Integrating Databricks as a user directory target lets your product manage the full lifecycle. - **Audit data access by cross-referencing identity with permissions** — Data security posture management (DSPM) tools need to map Databricks groups and users to understand who can access sensitive tables. Starting with a reliable user and group sync is the foundation for building access reviews and compliance reports. - **Offer Databricks as a connected identity source in your SaaS platform** — If your product aggregates identity data across a customer's tech stack, Databricks is a critical source for data-heavy enterprises. Letting end users connect their Databricks account alongside other tools gives your product a more complete picture of organizational access. ## What you can build - **Databricks user directory sync** — Continuously pull all Databricks workspace users and their attributes into your product using Truto's Unified User Directory API, keeping your local directory up to date. - **Group membership mapping** — Import Databricks groups and their member lists so your product can visualize team structures and role-based access within a customer's data platform. - **Automated user deprovisioning workflows** — Trigger deactivation of a Databricks user when your product detects an offboarding event, reducing the window of unauthorized access. - **Cross-platform identity audit dashboard** — Display a unified view of a customer's Databricks users alongside users from other integrated platforms, highlighting orphaned accounts or permission drift. - **Access review campaigns with Databricks context** — Generate periodic access review reports that include Databricks group memberships, enabling security teams to certify or revoke access without leaving your product. ## FAQs ### How does authentication work for the Databricks integration? Databricks supports personal access tokens (PATs) and OAuth (for Azure-backed workspaces). Your end users provide their workspace URL and a token or OAuth credential, and Truto manages storing and refreshing auth securely. ### What data can I access through Truto's Unified User Directory API for Databricks? You can read Users and Groups from Databricks workspaces via the SCIM-based identity endpoints. This includes user attributes like email, display name, and active status, as well as group names and membership lists. ### Are there rate limits on the Databricks SCIM API? Yes. Databricks enforces rate limits on its SCIM API, typically around 10-20 requests per second depending on the workspace tier. Truto handles pagination and respects rate limits automatically so your integration stays reliable. ### Can I use Truto to run SQL queries or manage Databricks jobs? Not out of the box. Truto's current Unified API coverage for Databricks focuses on the User Directory (Users and Groups). Additional tools for SQL execution, Jobs, or Unity Catalog can be built on request — reach out to discuss your use case. ### Does the integration work with both workspace-level and account-level SCIM? Databricks offers workspace-level and account-level SCIM endpoints. The specific scope depends on how your end user configures their credentials. Truto can support either — contact us if you need account-level identity sync across multiple workspaces. ### How fresh is the user and group data? Data is fetched in real time from the Databricks SCIM API whenever your application requests it through Truto. There is no caching delay — you always get the current state of the customer's directory. ## Related reading - [Best MCP Server for Databricks in 2026: Give AI Agents Secure Access to Lakehouse Data](https://truto.one/blog/best-mcp-server-for-databricks-in-2026-give-ai-agents-secure-access-to-lakehouse-data/) — Evaluate the best Databricks MCP servers in 2026. Learn how to securely connect AI agents to Unity Catalog, manage multi-tenant OAuth, and handle HTTP 429 rate limits.