I am trying to setup SSO between Posit and Databricks following this guide:
Administration Guide - Integrate Workbench with Databricks (posit.co)
I have made it work once with a Service Principal that had too many permissions to it, but now I'm trying to redo it with a new SP from scratch and I want it to follow least privilege.
My question is what permissions are needed for the Service Principal in Azure for the subscription where the Databricks workspace is deployed? Is contributor access necessary on the subscription level? That's what I had on my initial Service Principal. I'm wondering if there's a less privileged permission I can set.
Thanks!