Secret management

Sometimes accessing data requires that you authenticate to external data sources through JDBC. Instead of directly entering your credentials into a notebook, use Azure Databricks secrets to store your credentials and reference them in notebooks and jobs. To manage secrets, you can use the Databricks CLI to access the Secrets API.

Warning

Administrators, secret creators, and users granted permission can read Azure Databricks secrets. While Azure Databricks makes an effort to redact secret values that might be displayed in notebooks, it is not possible to prevent such users from reading secrets. For more information, see Secret redaction.

To set up secrets you:

  1. Create a secret scope. Secret scope names are case insensitive.
  2. Add secrets to the scope. Secret names are case insensitive.
  3. If you have the Azure Databricks Premium Plan, assign access control to the secret scope.

This guide shows you how to perform these setup tasks and manage secrets. For more information, see:

In this guide: