## Manage Secrets
Databricks recommends using [secrets](https://learn.microsoft.com/en-us/azure/databricks/security/secrets/) to store your database credentials.

This notebook shows how to manage secrets using the [Databricks SDK for Python](https://docs.databricks.com/en/dev-tools/sdk-python.html).

In [None]:
%pip install databricks-sdk==0.46.0 --upgrade

In [None]:
dbutils.library.restartPython()

In [None]:
scope = "secret_scope_name"
secrets = [
    {"key": "jdbc_user", "string_value": "<your_jdbc_user>"},
    {"key": "jdbc_pwd", "string_value": "<your_jdbc_pwd"},
]

In [None]:
from databricks.sdk import WorkspaceClient
from databricks.sdk.errors import ResourceDoesNotExist

w = WorkspaceClient()

def scope_exists(scope):
    scope_list = w.secrets.list_scopes()
    for i in scope_list:
        if i.name == scope:
            return True
            break
        
if scope_exists(scope):
    print(f'Secret scope {scope} exists')
else:
    w.secrets.create_scope(scope)
    print(f'Created secret scope {scope}')

In [None]:
for i in secrets:
    w.secrets.put_secret(scope=scope, **i)
    print(f"Added or replaced secret '{i['key']}' in scope '{scope}'")

In [None]:
delete_secret = False

if delete_secret:
    try:
        w.secrets.delete_secret(scope=scope, key=secret['key'])
        print(f"Deleted secret '{secret['key']}' in scope '{scope}'")
    except ResourceDoesNotExist as e:
        print(e)

In [None]:
jdbc_user = dbutils.secrets.get(scope, 'jdbc_user')