SSO server redirects to original URL, not to vanity Databricks URL

SSO configuration should use the vanity URL as the base target URL.

Written by Adam Pavlacka

Last published at: July 18th, 2023

Problem

When you log into Databricks using a vanity URL (such as mycompany.cloud.databricks.com), you are redirected to a single sign-on (SSO) server for authentication. When that server redirects you back to the Databricks website, the URL changes from the vanity URL to the original deployment URL (such as dbc-XXXX.cloud.databricks.com). This can happen even if a CNAME record exists that points to the vanity URL.

Cause

This issue happens if the SSO administrator used the original deployment URL when they configured the Databricks application in the Identity Provider (IdP).

Solution

The SSO administrator should use the vanity Databricks URL as the base for target URL for the Identity Provider application. For example, https://mycompany.cloud.databricks.com/saml/consume.

Was this article helpful?