Databricks Authentication Token With Hostname
Description
General
Documentation: https://docs.databricks.com/dev-tools/api/index.html
Summary: The Databricks REST API supports services to manage workspaces, DBFS, clusters, instance pools, jobs, libraries, users and groups, tokens, and MLflow experiments and models. This detector finds a personal token combined with a hostname. These can be used to authenticate requests. Note that another detector is available to catch a Databricks API key alone.
IPs allowlist: At the time of writing this documentation, this feature is not yet supported.
Scopes: At the time of writing this documentation, this feature is not yet supported.
Revoke the secret
Tokens can be revoked in the user settings. Note that tokens have a lifetime that is set upon its creation.
Check for suspicious activity
No usage information is available in the dashboard.
Details for Databricks token with hostname
Family: Api
Category: Other
Company: Databricks
High recall: True
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: False
Minimum number of matches: 2
Occurrences found for one million commits: 0.55
Prefixed: True
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- dapi
- type: ContentWhitelistPreValidator
patterns:
- azuredatabricks\.net
- cloud\.databricks\.com
Examples
- text: |
host="https://centralus.azuredatabricks.net"
token="dapi72766020efab76b5ad71bd6107344301"
token: dapi72766020efab76b5ad71bd6107344301
host: centralus.azuredatabricks.net
- text: |
token=dapi72766020efab76b5ad71bd6107344301"
hostname=e2-demo-corp.cloud.databricks.com
token: dapi72766020efab76b5ad71bd6107344301
host: e2-demo-corp.cloud.databricks.com
- text: |
host = https://dbc-bd557e10-904d.cloud.databricks.com/?autoLogin=true&account_id=5dfd135f-48e7-4bd7-bfb5-668950f664db&o=910042726816023
token = dapi72766020efab76b5ad71bd6107344301
token: dapi72766020efab76b5ad71bd6107344301
host: dbc-bd557e10-904d.cloud.databricks.com
Was this page helpful?
