Learn how to configure access with Option B - Personal Access Token (PAT)

1. In the SQL Warehouses console, select the SQL warehouse you created in Create a SQL warehouse.
2. Click the Connection Details tab, and make a note of the Server hostname, Port, and HTTP path.

   

3. Click the link to create a personal access token.

   

4. Click Generate New Token.
5. Name the token with a descriptive comment and assign the token lifetime. A longer lifetime will ensure you do not have to update the token as often. Click Generate.
6. In the pop up that follows, copy the token and securely save the token.

   You may prefer to create a Service Principal with a PAT to use for authentication instead of using your account's Personal Access Token. For more information, refer to Use a Service Principal with Service Account PAT.

7. In the Databricks UI, select the Catalog tab, and select the target Catalog. Within the catalog Permissions tab, click Grant. In the following modal, select the principal for which you generated the access token, select USE CATALOG, and click Grant.
8. Under the target Catalog, select the target schema (for example, main.default, or create a new target schema). Within the schema Permissions tab, click Grant. In the following modal, select the principal for which you generated the access token, and select either ALL PRIVILEGES or the following nine privileges and then click Grant:
   • USE SCHEMA
   • APPLY TAG
   • MODIFY
   • READ VOLUME
   • SELECT
   • WRITE VOLUME
   • CREATE MATERIALIZED VIEW
   • CREATE TABLE
   • CREATE VOLUME

   Note: IP Access Lists (optional)

   If your workspace enforces Databricks IP Access Lists, allowlist the static egress IP(s) used by the data transfer service so connections and test sessions can open successfully. See Databricks documentation: Databricks IP Access Lists.

   • Cloud Hosted (US): 35.192.85.117/32

   • Cloud Hosted (EU): 104.199.49.149/32

   If private-cloud or self-hosted, contact support for the static egress IP.