Connecting to Databricks

Last updated 16 days ago

Was this helpful?

Connecting to Databricks

About Juicebox

Juicebox is a data storytelling platform that transforms complex analytics into compelling, interactive narratives. Unlike traditional BI dashboards, Juicebox enables business users to create branded, customer-facing data experiences without coding—turning insights into persuasive stories that drive decisions.

Juicebox + Databricks Integration

The Juicebox-Databricks integration enables organizations to leverage Databricks' powerful data processing capabilities while using Juicebox to create engaging, interactive data applications for executives, customers, and external audiences. With this integration, you can:

Build narrative-driven data experiences from your Databricks data
Create branded, customer-facing analytics applications
Deliver mobile-ready insights that showcase your data's value
Enable self-service analytics for non-technical business users

How it works

This integration connects Juicebox directly to your Databricks SQL warehouse, enabling real-time querying of your Unity Catalog data across all major cloud providers: AWS, Google Cloud Platform (GCP), and Microsoft Azure. Setup requires configuring authentication in Databricks and sharing connection details with the Juice Analytics team.

Prerequisites

Before connecting Juicebox to Databricks, ensure you have:

A Databricks workspace with:
- An active SQL warehouse (a SQL-optimized compute resource for data warehousing)
- Tables or views in Unity Catalog with the relevant data
- A user or service principal with appropriate data access permissions and compute resource access to query the relevant data sources:
  - USE CATALOG on the catalog(s) containing the tables or views
  - USE SCHEMA on the schema(s) containing the tables or views
  - SELECT on the tables or views
  - Can use permissions for a SQL warehouse compute resource
- A Premium or Enterprise plan (recommended for optimized performance)
A with:
- A Business or Unlimited subscription. Database connections are only available on these subscription levels. Reach out to help@myjuicebox.io to learn more about subscription options.
- A Juicebox user account with Owner or Admin privileges.
The connection details (see below)
A secure method to share connection details (such as 1Password's feature)

Connection Methods

There are two authentication methods available to connect to Databricks from a Juicebox workspace: Personal Access Token (PAT) and OAuth. PAT is suitable for testing and development, but is not recommended for production. OAuth is the recommended method for use in production.

Connection details for either method need to be shared with Juice Analytics by a user having Admin or higher privileges in the Juicebox workspace. To start this process, reach out to help@myjuicebox.io.

Connect Using PAT Authentication

PAT authentication can be generated for a Databricks user account and will have the same permissions as the associated user account. It is suitable for testing and development, but is not recommended for production.

Create a Personal Access Token in Databricks:
- In your Databricks workspace, click on the user profile button in the upper-right and select Settings
- In the Settings side bar, select the Developer tab
- Click the Manage button in the Access tokens section
- Click the Generate new token button
- Provide a description and set expiration
- Copy the generated personal access token (it will only be shown once)
- Share the following information:
  - hostname: The Databricks server hostname
  - http_path: The HTTP path to the Databricks SQL endpoint
  - catalog: The catalog to use for the connection
  - schema: The schema to use for the connection (optional)
  - access_token: Your Databricks personal access token copied from Step 1 (this will be encrypted)

Connect Using OAuth Authentication

OAuth authentication requires a service principal with appropriate permissions. OAuth is suitable for all environments and recommended for production.

Create a Service Principal in Databricks (you must be an Admin to do this):
- In your Databricks workspace, click on the user profile button in the upper-right and select Settings
- In the Settings side bar, select the Identity and access tab under Workspace admin
- Click the Manage button in the Service principals section
- Click the Add service principal button
- Click the Add new button
- Enter a service principal name and click Add
Generate an OAuth Secret for the Service Principal
- On the service principal's details page, click the Secrets tab
- Under OAuth secrets, click Generate secret
- Set the secret's lifetime in days (maximum 730 days)
- Copy the displayed Secret (it will only be shown once) and Client ID, then click Done
- Share the following information:
  - hostname: The Databricks server hostname
  - http_path: The HTTP path to the Databricks SQL warehouse
  - catalog: The catalog to use for the connection
  - schema: The schema to use for the connection (optional)
  - account_id: The OAuth account ID
  - client_id: The OAuth client ID (also called the service principal application ID)
  - secret: Your OAuth client secret from Step 2 (this will be encrypted)

Juicebox will automatically generate the access tokens, which will be encrypted and used for secure authentication with your Databricks workspace. This eliminates the need for you to manage access token rotation.

Finding Connection Details in Databricks

hostname and http_path

In your Databricks workspace, navigate to SQL Warehouses
Select the SQL warehouse you want to connect to
Click on Connection details
Copy the Server hostname and HTTP path values

The format of the server hostname differs between cloud providers:

AWS: Server hostname typically follows the pattern dbc-<id>.<region>.databricks.com
Azure: Server hostname typically follows the pattern adb-<workspace-id>.<random-number>.azuredatabricks.net
GCP: Server hostname typically follows the pattern <workspace-name>.<region>.gcp.databricks.com

catalog and schema

In your Databricks workspace, navigate to Catalog
The top-level container is the catalog. Each connection requires a single catalog.
The containers within the catalog are the schemas. Schemas contain tables and views. Specifying the schema is optional.

account_id (for OAuth only)

In your Databricks workspace, click on the workspace dropdown to the left of the user profile button
Click Manage account. This will open the account console.
Click the user profile button in the upper-right of the account console.
Copy the Account ID.

client_id (for OAuth only)

In your Databricks workspace, click on the user profile button in the upper-right and select Settings
In the Settings side bar, select the Identity and access tab under Workspace admin
Click the Manage button in the Service principals section
Click the service principal name to access its details
Copy the Application ID (also called the Client ID)

Adding a Databricks Data Source to a Juicebox Report

After sending the connection details to the Juice Analytics team, the Databricks connection will be set up in your workspace. After it is set up, a new Databricks connection button will appear in the data drawer of each draft report in your Juicebox workspace like this:

To add a data source using the Databricks connection, click on the connection button, select the schema, and select the table or view to add.

Once the data source has been added to the Juicebox report, you can use it to configure slices.

User-level permissions within Juicebox

Support

For help setting up a Databricks connection in Juicebox, reach out to us at help@myjuicebox.io.

Last updated 16 days ago

Was this helpful?