Databricks administrators can use the Token Management API to manage their users’ Databricks personal access tokens, using this you could:
A cluster policy limits the ability to create clusters based on a set of rules. A policy defines those rules as of limitations on the attributes used for the cluster creation. Cluster policies define ACLs to limit their use to a specific users and and groups.
Azure AD Tokens + Service Principals allow's the use of AAD tokens to authorize to Databricks APIs along with Service Principals as automation users. Azure Active Directory tokens enable you to automate the creation and setup of new workspaces. Service principals are application objects in Azure Active Directory. You can also use service principals within your Azure Databricks workspaces to automate workflows.
The IP Access List API enables Azure Databricks admins to configure IP allow lists and block lists for a workspace. If the feature is disabled for a workspace, all access is allowed. There is support for allow lists (inclusion) and block lists (exclusion). Databricks workspaces can be configured so that employees connect to the service only through existing corporate networks with a secure perimeter. Databricks customers can use the IP access lists feature to define a set of approved IP addresses. All incoming access to the Web application and REST APIs requires the user connect from an authorized IP address. For employees who are remote or travelling, employees could use VPN to connect to the corporate network, which in turn enables access to the workspace.
Permissions API enables you to set permissions on objects in Databricks. Currently, you can set permissions for users and groups on clusters (both interactive and job clusters), Jobs, Pools, Notebooks, Folders, Model Registry and Tokens.
Databricks supports SCIM, or System for Cross-domain Identity Management, an open standard that allows you to automate user provisioning using a REST API and JSON. The Databricks SCIM API follows version 2.0 of the SCIM protocol.