`w.tokens`: Token¶

class databricks.sdk.service.settings.TokensAPI¶

The Token API allows you to create, list, and revoke tokens that can be used to authenticate and access Databricks REST APIs.

create([, autoscope_enabled: Optional[bool], comment: Optional[str], lifetime_seconds: Optional[int], scopes: Optional[List[str]]]) → CreateTokenResponse¶

Usage:

import time

from databricks.sdk import WorkspaceClient

w = WorkspaceClient()

token = w.tokens.create(comment=f"sdk-{time.time_ns()}", lifetime_seconds=300)

# cleanup
w.tokens.delete(token_id=token.token_info.token_id)

Creates and returns a token for a user. If this call is made through token authentication, it creates a token with the same client ID as the authenticated token. If the user’s token quota is exceeded, this call returns an error QUOTA_EXCEEDED.

Parameters:

autoscope_enabled – bool (optional) Whether to enable autoscoping for this token. When true, the token will automatically collect inferred API path scopes as it is used.
comment – str (optional) Optional description to attach to the token.
lifetime_seconds –
int (optional) The lifetime of the token, in seconds.

If the lifetime is not specified, this token remains valid for 2 years.
scopes – List[str] (optional) Optional scopes of the token.

Returns:

CreateTokenResponse

delete(token_id: str)¶

Revokes an access token.

If a token with the specified ID is not valid, this call returns an error RESOURCE_DOES_NOT_EXIST.

Parameters:: token_id – str The ID of the token to be revoked.

list() → Iterator[PublicTokenInfo]¶

Usage:

from databricks.sdk import WorkspaceClient

w = WorkspaceClient()

all = w.tokens.list()

Lists all the valid tokens for a user-workspace pair.

Returns:: Iterator over PublicTokenInfo

update(token_id: str, token: PublicTokenInfo, update_mask: FieldMask) → UpdateTokenResponse¶

Updates the comment or scopes of a token.

If a token with the specified ID is not valid, this call returns an error NOT_FOUND.

Parameters:

token_id – str The SHA-256 hash of the token to be updated.
token – PublicTokenInfo
update_mask –
FieldMask A list of field name under token, For example, {“update_mask”: “comment,scopes”}

The field mask must be a single string, with multiple fields separated by commas (no spaces). The field path is relative to the resource object, using a dot (.) to navigate sub-fields (e.g., author.given_name). Specification of elements in sequence or map fields is not allowed, as only the entire collection field can be specified. Field names must exactly match the resource field names.

A field mask of * indicates full replacement. It’s recommended to always explicitly list the fields being updated and avoid using * wildcards, as it can lead to unintended results if the API changes in the future.

Returns:

UpdateTokenResponse

Navigation

Related Topics

`w.tokens`: Token¶

w.tokens: Token¶

`w.tokens`: Token¶