Interactive visualizations for Databricks authentication patterns and Unity Catalog access control
View Full Documentation on GitHub
This site hosts interactive visualizations that explain complex concepts through scroll-based animations.
The GitHub repo contains detailed markdown documentation with code examples, SQL snippets, and reference materials.
The "mother of all" scenarios: Agent auth, External apps, MCP, Model Serving, AI Gateway, Lakebase — all in one place.
START HEREAutomatic Passthrough, On-Behalf-Of-User (OBO), and Manual Authentication for Model Serving.
Model ServingOAuth Token Federation for apps running outside Databricks (GitHub Actions, external orchestrators).
Token ExchangeManaged, External, and Custom MCP servers — authentication, scopes, and UC governance.
MCPRate limits, guardrails, inference tables, usage tracking for external LLM traffic.
AI GatewayHost web apps with automatic OAuth, Unity Catalog integration, and serverless compute.
AppsPattern 2: User authentication passthrough with Unity Catalog row/column security per user.
AuthenticationPattern 1: Automatic passthrough with least-privilege service principal credentials.
AuthenticationInteractive decision tree to help you choose the right authentication pattern.
Quick StartWorkspace restrictions → Privileges → ABAC policies → Table-level filtering.
UC CoreTag-based dynamic access control for centralized, scalable governance.
ABACRow-level security using current_user() to filter data per user.
Column-level security using is_member() to mask sensitive values.