ReddRadar
Agent skill
databricks-apps-cookie-auth
Guide for authenticating with Databricks Apps using cookie-based auth when OAuth/PAT tokens don't work. Use when connecting to Databricks Apps with User Authorization enabled.
Install this agent skill to your Project
npx add-skill https://github.com/majiayu000/claude-skill-registry/tree/main/skills/data/databricks-apps-cookie-auth
SKILL.md
Databricks Apps Cookie Authentication
Problem Solved
Databricks Apps that require browser-based OAuth cannot be accessed with service principals or PATs when the app is configured for "User Authorization" only. The app always redirects to OAuth login regardless of Bearer tokens sent.
Solution: Cookie-Based Authentication
After a user completes browser OAuth login, Databricks Apps set a session cookie __Host-databricksapps that can be captured and reused for API access.
How It Works
- User logs into the Databricks App via browser
- Browser receives
__Host-databricksappscookie after successful OAuth - Cookie is captured from browser DevTools (Application > Cookies)
- Cookie is passed as header in MCP client requests
Cookie Format
__Host-databricksapps=<encrypted_session_data>|<timestamp>|<signature>
The timestamp indicates expiry - cookies typically expire after a session timeout.
Code Example
from mcp.client.session import ClientSession
from mcp.client.streamable_http import streamablehttp_client
from datetime import timedelta
async def connect_with_cookie(url: str, cookie_value: str):
http_context = streamablehttp_client(
url,
headers={'Cookie': f'__Host-databricksapps={cookie_value}'}
)
read, write, _ = await http_context.__aenter__()
session = ClientSession(read, write, read_timeout_seconds=timedelta(seconds=60))
await session.__aenter__()
await session.initialize()
tools = await session.list_tools()
return tools
When to Use This
- Databricks Apps with "User Authorization" enabled but no service principal access
- Apps that redirect to OAuth regardless of Bearer tokens
- Testing/development scenarios where HITL OAuth isn't implemented yet
Limitations
- Session Expiry: Cookies expire, requiring periodic browser re-login
- User-Specific: Cookie is tied to the user who logged in
- Security: Cookie contains sensitive session data - handle securely
Relevant Files
penguiflow/tools/node.py- ToolNode implementationpenguiflow/tools/config.py- AuthType enumtest_generation/reporting-agent/src/reporting_agent/external_tools.py- Example usage
Related Auth Types
| Auth Type | Use Case | Connection Phase | Tool Execution Phase |
|---|---|---|---|
| BEARER | Static tokens, PATs | Headers | Headers |
| API_KEY | API keys | Headers | Headers |
| OAUTH2_USER | HITL OAuth | Deferred | HITL flow |
| COOKIE (new) | Databricks Apps | Cookie header | Cookie header |
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
majiayu000/claude-skill-registry
agent-ops-spec
Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.
majiayu000/claude-skill-registry
agent-ops-state
Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.
majiayu000/claude-skill-registry
agent-ops-spec
Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.
majiayu000/claude-skill-registry
agent-ops-testing
Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.
majiayu000/claude-skill-registry
agent-ops-testing
Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.
majiayu000/claude-skill-registry
agent-ops-state
Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.
Didn't find tool you were looking for?