使用 Azure Active Directory 令牌进行身份验证Authenticate using Azure Active Directory tokens

若要向 Databricks REST API 进行身份验证,可以使用 Azure Databricks 个人访问令牌或 Azure Active Directory 令牌。To authenticate to Databricks REST APIs, you can use Azure Databricks personal access tokens or Azure Active Directory tokens.

此部分介绍了如何获取、使用和刷新 Azure AD 令牌。This section describes how to get, use, and refresh Azure AD tokens. 有关 Azure Databricks 个人访问令牌,请参阅使用 Azure Databricks 个人访问令牌进行身份验证For Azure Databricks personal access tokens, see Authentication using Azure Databricks personal access tokens.

此部分介绍了两种用于获取和使用 Azure AD 访问令牌的方法:This section describes two ways to get and use Azure AD access tokens:

  • 使用 Azure Active Directory 身份验证库 (ADAL) 以编程方式为用户获取 Azure AD 访问令牌。Use the Azure Active Directory Authentication Library (ADAL) to programmatically get an Azure AD access token for a user.
  • 在 Azure Active Directory 中定义服务主体,并为该服务主体(而不是用户)获取 AAD 访问令牌。Define a service principal in Azure Active Directory and get an Azure AD access token for the service principal rather than a user. 将服务主体配置为,可以在 Azure Databricks 中强制执行身份验证和授权策略。You configure the service principal as one on which authentication and authorization policies can be enforced in Azure Databricks. Azure Databricks 工作区中的服务主体可以有不同于常规用户(用户主体)的精细访问控制。Service principals in an Azure Databricks workspace can have different fine-grained access control than regular users (user principals).

本部分内容:In this section: