Dash Enterprise OAuth

Nathan from Plotly walks through Dash OAuth Connections, a library for Dash Enterprise that enables pass-through authentication for applications. This system lets developers build apps where users authenticate directly to their own data sources, following the principle of least privilege access.

The library centers on a single function, get_user_token, which handles OAuth setup and redirects automatically. Developers configure a few environment variables and ensure their OAuth provider redirects back to their project. Nathan demonstrates two working examples using Databricks SQL Connector and Microsoft Entra ID, showing how the access token can query databases, run Databricks jobs, or connect to any OAuth-compliant system like Snowflake.

The end user experience is straightforward. When opening an app, users see a prompt to authenticate if they haven't already. Once authenticated, the app queries data on their behalf using their personal credentials. If an admin revokes database access, queries immediately fail without any code changes. Nathan verifies this by checking the Databricks query history, confirming that all queries ran under his user account and stopped working the moment his permissions changed.

Key highlights include:

• Single function implementation with get_user_token
• Works with Databricks, Entra ID, Snowflake, and other OAuth providers
• Real-time permission enforcement at the data source level

Watch the video to follow along with the live demonstrations and see OAuth authentication in action.