Authenticate with personal access tokens in Databricks SQL

To authenticate to and access Databricks REST APIs, you can use Azure Databricks personal access tokens or Azure Active Directory (Azure AD) tokens.

This article discusses how to use Azure Databricks personal access tokens. For Azure AD tokens, see Authenticate using Azure Active Directory tokens.

Generate a personal access token

See Personal access tokens.

Use a personal access token to access the Databricks REST API

You can store a personal access token in .netrc and use in curl or pass it to the Authorization: Bearer header.

Store token in .netrc file and use in curl

Create a .netrc file with machine, login, and password properties:

machine <databricks-instance>
login token
password <personal-access-token>


  • <databricks-instance> is the hostname part of the workspace URL of your Azure Databricks deployment, after https:// and before the next /.
  • token is the literal string token
  • <personal-access-token> is the value of your personal access token.

To invoke the .netrc file, use -n in your curl command:

curl -n -X GET https://<databricks-instance>/api/2.0/sql/warehouses/get?id=<warehouse-id>

For more information about using .netrc with cURL, see the cURL MAN page and the netrc page in the GNU netutils documentation.

Pass token to Bearer authentication

You can include the token in the header using Bearer authentication.

curl -X GET -H 'Authorization: Bearer <personal-access-token>' https://<databricks-instance>/api/2.0/sql/warehouses/