Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Note
This information applies to Databricks CLI versions 0.205 and above. The Databricks CLI is in Public Preview.
Databricks CLI use is subject to the Databricks License and Databricks Privacy Notice, including any Usage Data provisions.
The token-management command group within the Databricks CLI enables administrators to get all tokens and delete tokens for other users. Admins can either get every token, get a specific token by ID, or get all tokens for a particular user.
databricks token-management create-obo-token
Create a token on behalf of a service principal.
databricks token-management create-obo-token APPLICATION_ID [flags]
Arguments
APPLICATION_ID
Application ID of the service principal
Options
--comment string
Comment that describes the purpose of the token
--json JSON
The inline JSON string or the @path to the JSON file with the request body.
--lifetime-seconds int
The number of seconds before the token expires
Examples
databricks token-management create-obo-token <application-id> --comment "Service principal token" --lifetime-seconds 3600
databricks token-management delete
Delete a token, specified by its ID.
databricks token-management delete TOKEN_ID [flags]
Arguments
TOKEN_ID
The ID of the token to revoke
Options
Examples
databricks token-management delete 12345
databricks token-management get
Get information about a token, specified by its ID.
databricks token-management get TOKEN_ID [flags]
Arguments
TOKEN_ID
The ID of the token to get
Options
Examples
databricks token-management get 12345
databricks token-management list
List all tokens associated with the specified workspace or user.
databricks token-management list [flags]
Options
--created-by-id int
User ID of the user that created the token
--created-by-username string
Username of the user that created the token
Examples
databricks token-management list
databricks token-management list --created-by-username someone@example.com
databricks token-management get-permission-levels
Get the permission levels that a user can have on an object.
databricks token-management get-permission-levels [flags]
Options
Examples
databricks token-management get-permission-levels
databricks token-management get-permissions
Get the permissions of all tokens. Tokens can inherit permissions from their root object.
databricks token-management get-permissions [flags]
Options
Examples
databricks token-management get-permissions
databricks token-management set-permissions
Set token permissions. Sets permissions on an object, replacing existing permissions if they exist. Deletes all direct permissions if none are specified. Objects can inherit permissions from their root object.
databricks token-management set-permissions [flags]
Options
--json JSON
The inline JSON string or the @path to the JSON file with the request body.
Examples
databricks token-management set-permissions --json '{"access_control_list": [{"user_name": "someone@example.com", "permission_level": "CAN_MANAGE"}]}'
databricks token-management update-permissions
Update the permissions on all tokens. Tokens can inherit permissions from their root object.
databricks token-management update-permissions [flags]
Options
--json JSON
The inline JSON string or the @path to the JSON file with the request body.
Examples
databricks token-management update-permissions --json '{"access_control_list": [{"user_name": "someone@example.com", "permission_level": "CAN_USE"}]}'
Global flags
--debug
Whether to enable debug logging.
-h or --help
Display help for the Databricks CLI or the related command group or the related command.
--log-file string
A string representing the file to write output logs to. If this flag is not specified then the default is to write output logs to stderr.
--log-format format
The log format type, text or json. The default value is text.
--log-level string
A string representing the log format level. If not specified then the log format level is disabled.
-o, --output type
The command output type, text or json. The default value is text.
-p, --profile string
The name of the profile in the ~/.databrickscfg file to use to run the command. If this flag is not specified then if it exists, the profile named DEFAULT is used.
--progress-format format
The format to display progress logs: default, append, inplace, or json
-t, --target string
If applicable, the bundle target to use