| Info |
|---|
This article describes the authentication flow for a user (Angela) that signs in to Lakehouse Optimizer (LHMLHO) using Active Directory (AD) enabled credentials and accesses Databricks Workspaces. |
Angela opens the browser and navigates to LHM login page (B1). Upen opening the LHM LHO login page, she is presented with the “Login with Active Directory” screen.
...
Once Angela successfully authenticated herself using Microsoft's OAuth2 protocol (requests diagram here), at the end of B2 step LHM LHO will have an access token to use on-behalf-of Angela to access the Databricks resources (B3 and B4).
...
Also Active Directory’s Graph is used to define LHM LHO Roles to be used within the Lakehouse Optimizer application.
...
For more details, please refer to the following related articles:
https://blueprinttechnologies.atlassian.net/wiki/spaces/BLMPD/pages/25715671052670788609/Azure+VM+Docker+with+Azure+Service+Management+and+Service+Management#%F0%9F%91%A4ActivePrincipal#%F0%9F%91%A4Active-Directory-Authentication
https://blueprinttechnologies.atlassian.net/wiki/spaces/BLMPD/pages/25715671052670788609/Azure+VM+Docker+with+Azure+Service+Management#How-is-Databricks-managed-in-LHM%3F-(4)https://blueprinttechnologies.atlassian.net/wiki/spaces/BLMPD/pages/2571567105/Azure+VM+Docker+with+Azure+Service+Management#%F0%9F%AA%AA-LHMManagement+and+Service+Principal#%F0%9F%AA%AA-LHO-Roles