@Generated public interface CredentialsService
To create credentials, you must be a Databricks account admin or have the `CREATE SERVICE CREDENTIAL` privilege. The user who creates the credential can delegate ownership to another user or group to manage permissions on it.
This is the high-level interface, that contains generated methods.
Evolving: this interface is under development. Method signatures may change.
| Modifier and Type | Method and Description |
|---|---|
CredentialInfo |
createCredential(CreateCredentialRequest createCredentialRequest)
Create a credential.
|
void |
deleteCredential(DeleteCredentialRequest deleteCredentialRequest)
Delete a credential.
|
TemporaryCredentials |
generateTemporaryServiceCredential(GenerateTemporaryServiceCredentialRequest generateTemporaryServiceCredentialRequest)
Generate a temporary service credential.
|
CredentialInfo |
getCredential(GetCredentialRequest getCredentialRequest)
Get a credential.
|
ListCredentialsResponse |
listCredentials(ListCredentialsRequest listCredentialsRequest)
List credentials.
|
CredentialInfo |
updateCredential(UpdateCredentialRequest updateCredentialRequest)
Update a credential.
|
ValidateCredentialResponse |
validateCredential(ValidateCredentialRequest validateCredentialRequest)
Validate a credential.
|
CredentialInfo createCredential(CreateCredentialRequest createCredentialRequest)
Creates a new credential. The type of credential to be created is determined by the **purpose** field, which should be either **SERVICE** or **STORAGE**.
The caller must be a metastore admin or have the metastore privilege **CREATE_STORAGE_CREDENTIAL** for storage credentials, or **CREATE_SERVICE_CREDENTIAL** for service credentials.
void deleteCredential(DeleteCredentialRequest deleteCredentialRequest)
Deletes a service or storage credential from the metastore. The caller must be an owner of the credential.
TemporaryCredentials generateTemporaryServiceCredential(GenerateTemporaryServiceCredentialRequest generateTemporaryServiceCredentialRequest)
Returns a set of temporary credentials generated using the specified service credential. The caller must be a metastore admin or have the metastore privilege **ACCESS** on the service credential.
CredentialInfo getCredential(GetCredentialRequest getCredentialRequest)
Gets a service or storage credential from the metastore. The caller must be a metastore admin, the owner of the credential, or have any permission on the credential.
ListCredentialsResponse listCredentials(ListCredentialsRequest listCredentialsRequest)
Gets an array of credentials (as __CredentialInfo__ objects).
The array is limited to only the credentials that the caller has permission to access. If the caller is a metastore admin, retrieval of credentials is unrestricted. There is no guarantee of a specific ordering of the elements in the array.
CredentialInfo updateCredential(UpdateCredentialRequest updateCredentialRequest)
Updates a service or storage credential on the metastore.
The caller must be the owner of the credential or a metastore admin or have the `MANAGE` permission. If the caller is a metastore admin, only the __owner__ field can be changed.
ValidateCredentialResponse validateCredential(ValidateCredentialRequest validateCredentialRequest)
Validates a credential.
For service credentials (purpose is **SERVICE**), either the __credential_name__ or the cloud-specific credential must be provided.
For storage credentials (purpose is **STORAGE**), at least one of __external_location_name__ and __url__ need to be provided. If only one of them is provided, it will be used for validation. And if both are provided, the __url__ will be used for validation, and __external_location_name__ will be ignored when checking overlapping urls. Either the __credential_name__ or the cloud-specific credential must be provided.
The caller must be a metastore admin or the credential owner or have the required permission on the metastore and the credential (e.g., **CREATE_EXTERNAL_LOCATION** when purpose is **STORAGE**).
Copyright © 2025. All rights reserved.