An Azure Databricks admin is a member of the
An Azure Databricks admin can manage user accounts using the Azure Databricks admin console, the SCIM API, or a SCIM-enabled identity provider like Azure Active Directory. This article discusses user management using the admin console.
You can use the Users tab on the admin console to:
Add and remove users.
Grant and revoke Workspace and SQL Analytics entitlements.
Grant and revoke the ability to create clusters (if cluster access control has been enabled for the workspace).
Grant and revoke membership in the
Users with the Contributor or Owner role on the workspace resource can sign in as administrators using the Azure portal. For more information, see Assign account admins.
You can also perform the following user management tasks in other parts of the admin console, covered in other articles:
- Add users to groups. See Manage groups.
Go to the admin console.
On the Users tab, click Add User.
Enter the user email ID. You can add any user who belongs to the Azure Active Directory tenant of your Azure Databricks workspace.
The user is added to the workspace.
Although the Workspace access checkbox is not selected, the user inherits this entitlement as a member of the
users group, which has the entitlement. Workspace admins can remove the entitlement from the
users group and assign it individually to users on the Users page.
For information about the SQL Analytics access entitlement, see Grant a user access to SQL Analytics.
If cluster access control is enabled, and you don’t select the Allow cluster creation checkbox, the user is added without the cluster creation entitlement.
If the user previously existed in the workspace, the user’s previous entitlements are restored.
Another way to add users is with an integration with SCIM.
- Go to the admin console.
- On the Users tab, find the user and click the at the far right of the user row.
- Click Remove User to confirm.