scal-203358

Naomi-L · Naomi-L · commit 318c334bc121 · 2024-04-23T15:54:51.000-07:00
Signed-off-by: Naomi Lattanzi &lt;naomi.lattanzi@thoughtspot.com&gt;
diff --git a/cloud/modules/ROOT/pages/connections-databricks-oauth-aad.adoc b/cloud/modules/ROOT/pages/connections-databricks-oauth-aad.adoc
@@ -14,8 +14,6 @@ Databricks SQL warehouses are configured with OAuth 2.0 authentication. ThoughtS
 
 NOTE: For OAuth, we recommend checking the {connection} link:https://docs.databricks.com/en/administration-guide/users-groups/single-sign-on/index.html[documentation] to confirm any IDP support and their details. This article documents only the most frequently set-up IDP.
 
-IMPORTANT: Each ThoughtSpot instance requires a unique {connection} security integration.
-Each user in {connection} must have a default warehouse and default role.
 
 == Part 1: Create an application in AAD
 
diff --git a/cloud/modules/ROOT/pages/connections-databricks-oauth.adoc b/cloud/modules/ROOT/pages/connections-databricks-oauth.adoc
@@ -19,8 +19,6 @@ The configuration details on the ThoughtSpot connection form should be derived f
 
 NOTE: For OAuth, we recommend checking the {connection} link:https://docs.databricks.com/en/administration-guide/users-groups/single-sign-on/index.html[documentation] to confirm any IDP support and their details.
 
-IMPORTANT: Each ThoughtSpot instance requires a unique {connection} security integration.
-Each user in {connection} must have a default warehouse and default role.
 
 [#step-1]
 == Step 1: Registering an OAuth application from Databricks Account Console
diff --git a/cloud/modules/ROOT/pages/connections-databricks-reference.adoc b/cloud/modules/ROOT/pages/connections-databricks-reference.adoc
@@ -16,16 +16,20 @@ If your {connection} is hosted on Microsoft Azure, see <<databricks-azure,{conne
 Connection name:: Enter a new {connection} connection name.
 Connection description:: Provide a short description of the connection. _(Optional)_
 [#databricks-reference-host]
-Host:: Enter the {connection} server host name without the protocol. You can find this in the connection details of your SQL warehouse.
+Host:: Enter the {connection} server host name without the protocol. You can find this in the connection details of your SQL warehouse. For more information, see link:https://docs.databricks.com/en/integrations/compute-details.html[Get connection details for a Databricks compute resource].
 Example;; *example.cloud.databricks.com*
-HTTP Path:: Enter the {connection} HTTP path. You can find this in the connection details of your SQL warehouse.
-(Service account only) User:: Email address associated with your {connection} account.
-(Service account only) Password:: Specify the password of the {connection} account. You can also use your '`personal access token`' generated in {connection}. For more information, see https://docs.microsoft.com/en-us/azure/databricks/dev-tools/api/latest/authentication#--generate-a-personal-access-token[Generate a personal access token^].
-(OAuth and OAuth with PKCE only) OAuth Client ID:: Specify the OAuth client ID.
-(OAuth and OAuth with PKCE only) OAuth Client Secret:: Specify the OAuth client secret.
-(OAuth and OAuth with PKCE only) Scope:: Specify the scope.
-(OAuth and OAuth with PKCE only) Auth Url:: Specify the auth url.
-(OAuth and OAuth with PKCE only) Access token Url:: Specify the access token url.
+HTTP Path:: Enter the {connection} HTTP path. You can find this in the connection details of your SQL warehouse. For more information, see link:https://community.thoughtspot.com/customers/s/article/Where-is-the-http-path-for-my-Databricks-compute-resource[Where is the http path for my Databricks compute resource] or link:https://docs.databricks.com/en/integrations/compute-details.html[Get connection details for a Databricks compute resource].
+Service account::
+User::: Email address associated with your {connection} account. Username and password authentication is known as Databricks basic authentication; it is possible only when single sign-on is disabled.
++
+When using a link:https://docs.databricks.com/en/integrations/jdbc/authentication.html#databricks-personal-access-token[Personal Access Token] as a password, enter the User as 'Token'.
+Password::: Specify the password of the {connection} account. You can also use your '`personal access token`' generated in {connection}. For more information, see link:https://docs.microsoft.com/en-us/azure/databricks/dev-tools/api/latest/authentication#--generate-a-personal-access-token[Generate a personal access token^].
+link:https://docs.databricks.com/en/integrations/enable-disable-oauth.html#enable-custom-app-ui[OAuth]::
+xref:connections-databricks-oauth.adoc[OAuth Client ID]::: Specify the OAuth client ID.
+OAuth Client Secret::: Specify the OAuth client secret.
+Scope::: Specify the scope.
+Auth Url::: Specify the auth url.
+Access token Url::: Specify the access token url.
 Catalog:: Specify the catalog. _(Optional)_
 Example;; sample_db
 
@@ -38,18 +42,24 @@ Host:: Enter the {connection} server hostname.  For more information, see https:
 Example;; *abc-1234567890123456.78.azuredatabricks.net*
 HTTP Path:: Enter the Databricks HTTP path.  For more information, see https://docs.microsoft.com/en-us/azure/databricks/integrations/bi/jdbc-odbc-bi#get-server-hostname-port-http-path-and-jdbc-url[Get server hostname, port, HTTP path, and JDBC URL^].
 Example;; *sql/protocolv1/o/1234567890123456/7890-123456-abc789*
-(Service account only) User:: Enter your login email to your Azure account.
-If this does not work, try "`token`".
-(Service account only) Password:: Enter your '`personal access token`' generated in {connection}.
-This is not the password for your Azure account.  For more information, see https://docs.microsoft.com/en-us/azure/databricks/dev-tools/api/latest/authentication#--generate-a-personal-access-token[Generate a personal access token^].
-(OAuth and OAuth with PKCE only) OAuth Client ID:: Specify the OAuth client ID.
-(OAuth and OAuth with PKCE only) OAuth Client Secret:: Specify the OAuth client secret.
-(OAuth and OAuth with PKCE only) Scope:: Specify the scope.
-(OAuth and OAuth with PKCE only) Auth Url:: Specify the auth url.
-(OAuth and OAuth with PKCE only) Access token Url:: Specify the access token url.
+Service account::
+User::: Enter your login email to your Azure account.
++
+When using a link:https://docs.databricks.com/en/integrations/jdbc/authentication.html#databricks-personal-access-token[Personal Access Token] as a password, enter the User as 'Token'.
+Password::: Enter your '`personal access token`' generated in {connection}.
+This is not the password for your Azure account. For more information, see link:https://docs.microsoft.com/en-us/azure/databricks/dev-tools/api/latest/authentication#--generate-a-personal-access-token[Generate a personal access token^].
+OAuth::
+xref:connections-databricks-oauth.adoc[OAuth Client ID]::: Specify the OAuth client ID.
+OAuth Client Secret::: Specify the OAuth client secret.
+Scope::: Specify the scope.
+Auth Url::: Specify the auth url.
+Access token Url::: Specify the access token url.
 Catalog:: Specify the catalog. _(Optional)_
 Example;; sample_db
 
+== Limitation
+ThoughtSpot does not support link:https://docs.databricks.com/en/integrations/jdbc/authentication.html#oauth-machine-to-machine-m2m-authentication[OAuth machine-to-machine authentication], also known as Service Principal and OAuth authentication.
+
 '''
 > **Related information**
 >
