Skip to main content

Databricks Authentication Token

Description#

General#

  • Documentation: https://docs.databricks.com/dev-tools/api/index.html

  • Summary: The Databricks REST API supports services to manage workspaces, DBFS, clusters, instance pools, jobs, libraries, users and groups, tokens, and MLflow experiments and models. This detector finds personal tokens that are used to authenticate requests.
    Another detector is also available to catch a Databricks API key combined with a hostname.

  • IPs allowlist: At the time of writing this documentation, this feature is not yet supported.

  • Scopes: At the time of writing this documentation, this feature is not yet supported.

Revoke the secret#

Tokens can be revoked in the user settings. Note that tokens have a lifetime that is set upon its creation.

Check for suspicious activity#

No usage information is available in the dashboard.

Details for Databricks token#

  • Family: Api

  • Category: Other

  • Company: Databricks

  • High recall: True

  • Validity check available: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 0.52

  • Prefixed: True

  • PreValidators:

- type: ContentWhitelistPreValidator  patterns:  - dapi

Examples#

- text: fig("spark.databricks.service.token", "dapi72766020efab76b5ad71bd6107344301"  token: dapi72766020efab76b5ad71bd6107344301
- text: |    +login token    +password dapi82351a65625ee2c246d841e682355380  token: dapi82351a65625ee2c246d841e682355380