## Steps
### 1. Create a Service Principal
Create a Service Principal in Microsoft Entra ID and note down the Tenant ID and Client ID.  
Create a client secret and securely store the secret value.

### 2. Assign Storage Permissions
Grant the Service Principal **Storage Blob Data Contributor** access on the Azure Storage Account.

### 3. Create Secrets in Azure Key Vault
Create secrets in Azure Key Vault for the client ID, client secret, and tenant ID.

### 4. Create a Databricks Secret Scope
Copy your Databricks workspace URL and append `#secrets/createScope` at the end.  
Create a Key Vault–backed secret scope and provide the Key Vault URI and Resource ID (from Key Vault properties).

### 5. Grant Databricks Access to Key Vault
Assign the required role to Azure Databricks so it can access and read secrets from the Key Vault.

### 6. Validate the Connection
After completing the above steps, Databricks can securely access ADLS Gen2 using OAuth.  
You can now read data and proceed with further processing.


In [0]:
dbutils.secrets.listScopes()

[SecretScope(name='gajendra')]

In [0]:
dbutils.secrets.get(scope="gajendra", key="client-secret")


'[REDACTED]'

In [0]:
client_id = dbutils.secrets.get(
    scope="gajendra",
    key="client-id"
)

client_secret = dbutils.secrets.get(
    scope="gajendra",
    key="client-secret"
)

tenant_id = dbutils.secrets.get(
    scope="gajendra",
    key="tenant-id"
)


In [0]:
dbutils.secrets.list("gajendra")


[SecretMetadata(key='client-id'),
 SecretMetadata(key='client-secret'),
 SecretMetadata(key='tenant-id')]

In [0]:
storage_account = "saleslakestorage"
service_credential = dbutils.secrets.get(scope="gajendra",key="client-secret")
spark.conf.set(
    f"fs.azure.account.auth.type.{storage_account}.dfs.core.windows.net",
    "OAuth"
)

spark.conf.set(
    f"fs.azure.account.oauth.provider.type.{storage_account}.dfs.core.windows.net",
    "org.apache.hadoop.fs.azurebfs.oauth2.ClientCredsTokenProvider"
)

spark.conf.set(
    f"fs.azure.account.oauth2.client.id.{storage_account}.dfs.core.windows.net",
    client_id
)

spark.conf.set(
    f"fs.azure.account.oauth2.client.secret.{storage_account}.dfs.core.windows.net",
    client_secret
)

spark.conf.set(
    f"fs.azure.account.oauth2.client.endpoint.{storage_account}.dfs.core.windows.net",
    f"https://login.microsoftonline.com/{tenant_id}/oauth2/token"
)


In [0]:
customer_df = spark.read \
    .format("csv") \
    .option("header", "true") \
    .option('delimiter',';')\
    .option("inferSchema", "true") \
    .load(
        "abfss://sales-data@saleslakestorage.dfs.core.windows.net/raw/sales/3a_superstore/customers/Customers_ENG.csv"
    )

customer_df.display()


USERID,USERNAME_,NAMESURNAME,STATUS_,USERGENDER,USERBIRTHDATE,REGION,CITY,TOWN,DISTRICT,ADDRESSTEXT
1,atilla.keles24086@outlookerlab.com,Atilla Keleş,1,M,1965-03-29,Ic Anadolu,Eskisehir,TEPEBASI,FATIH MAH.,FATIH MAH. SEHIT AHMET KOC SOKAK 26220 TEPEBASI/ESKISEHIR
2,zeynep.seyma.altun98278@outlookerlab.com,Zeynep Şeyma Altun,1,F,1980-09-23,Guneydogu Anadolu,Mardin,KIZILTEPE,ARIKLI KOYU,ARIKLI KOYU MAH. KOYUN KENDISI 47400 KIZILTEPE/MARDIN
3,aysun.aydin80939@inboxplus.com,Aysun Aydın,1,F,1961-06-16,Marmara,Istanbul,CATALCA,FERHATPASA MAH.,FERHATPASA MAH. NAR SOKAK 34540 CATALCA/ISTANBUL
4,lara.cinar80899@outlookerlab.com,Lara Çınar,1,F,1955-12-21,Karadeniz,Rize,FINDIKLI,CENNET KOYU,CENNET KOYU MAH. DUZ CADDESI 53740 FINDIKLI/RIZE
5,gonul.seda.cetin85529@gmaileo.com,Gönül Seda Çetin,1,F,1986-08-09,Ege,Izmir,KIRAZ,CERITLER KOYU,CERITLER KOYU MAH. SULUKLU MEVKI 35890 KIRAZ/IZMIR
6,yasemin.celik61459@inboxplus.com,Yasemin Çelik,1,F,1970-02-06,Marmara,Istanbul,MALTEPE,IDEALTEPE MAH.,IDEALTEPE MAH. AYDIN SOKAK 34841 MALTEPE/ISTANBUL
7,ebru.balci67704@outlookerlab.com,Ebru Balcı,1,F,1959-01-31,Marmara,Istanbul,KUCUKCEKMECE,TEVFIK BEY MAH.,TEVFIK BEY MAH. VURAL SOKAK KUCUKCEKMECE/ISTANBUL
8,pelin.yasemin.caglar98652@inboxplus.com,Pelin Yasemin Çağlar,1,F,1958-06-02,Ic Anadolu,Kirikkale,YAHSIHAN,KADIOGLU MAH.,KADIOGLU MAH. KUME EVLER KUME EVLERI 71450 YAHSIHAN/KIRIKKALE
9,gonca.yavuz56286@hotmailia.com,Gonca Yavuz,1,F,1990-05-02,Akdeniz,Antalya,GUNDOGMUS,CALTI KOYU,CALTI KOYU MAH. CALTI MERKEZ MEVKI 07860 GUNDOGMUS/ANTALYA
10,huseyin.taner.ozkanli40122@yahootracker.com,Hüseyin Taner Özkanlı,1,M,1984-06-23,Marmara,Istanbul,SILE,AGVA MERKEZ MAH.,AGVA MERKEZ MAH. OGRETMENLER SOKAK 34990 SILE/ISTANBUL
