Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This page gives you an overview of using single sign-on (SSO) to authenticate to Azure Databricks.
Single sign-on using Microsoft Entra ID
Single sign-on in the form of Microsoft Entra ID-backed login is available in Azure Databricks account and workspaces by default. You use Microsoft Entra ID single sign-on for both the account console and workspaces. You can enable multi-factor authentication using Microsoft Entra ID.
Just-in-time (JIT) provisioning automatically creates new user accounts from Microsoft Entra ID upon their first login. JIT provisioning is enabled by default for accounts created after May 1, 2025 and for all accounts using automatic identity management. See Automatically provision users (JIT).
Databricks recommends syncing users, service principals, and groups from Microsoft Entra ID using automatic identity management. Automatic identity management is enabled by default for accounts created after August 1, 2025 and uses Microsoft Entra ID as the source of record for identities. See Automatic identity management.