Users being provisioned in Databricks outside of SCIM

Disable the "Auto user creation" setting.

Written by ganireddy.ramadevi

Last published at: June 30th, 2025

Problem

You notice users are being provisioned outside of the SCIM process in your organization’s Databricks environment. For example, a new employee is able to log into your organization’s Databricks account console using SSO (SAML) and set up an account before being provisioned through SCIM. 

 

Cause

The Auto user creation setting in the Databricks workspace admin settings is enabled.

 

Solution

Disable the Auto user creation setting in the Databricks workspace admin settings. 

 

1. Log in to the Databricks workspace as an admin.

2. Navigate to the admin console.

3. Click the Settings tab.

4. Scroll down to the Authentication section.

5. Uncheck the Auto user creation checkbox.

6. Click Save to save the changes.

 

It is also recommended to check the audit logs to ensure that no other users have been provisioned outside of SCIM. If any users have been provisioned outside of SCIM, they should be manually de-provisioned and then re-provisioned through SCIM.