Databricks, the industry-leading data and AI platform for enterprises, had fragmented user journeys across multiple user portals and identity providers that resulted in user friction and IAM overhead. Learn why the Databricks identity team chose Descope to unify authentication flows across apps with zero engineering lift.
About Databricks
Founded in 2013 by the creators of Apache Spark, Databricks has grown into the preeminent platform for data teams, AI developers, and enterprises looking to centralize large volumes of data while scaling infrastructure directly tied to it. Databricks offers a suite of products to help teams:
Create, tune, and deploy their own generative AI models
Institute monitoring, observability, and data governance
Fast-track migrations from legacy cloud data warehouses to a lakehouse
Implement a single solution for all ETL (Extract, Transform, Load) use cases
In June 2025, Databricks launched Lakebase, an operational database for AI apps and agents. With this new offering, Databricks is paving the path for organizations to scale reliable, secure agentic AI initiatives.
Identity silos across apps
Databricks serves over 15,000 global customers and boasts a developer community north of 100,000 members. The company provides a variety of user portals to serve these user groups effectively:
A community portal built on Khoros that offers developer resources, guides, and discussion forums.
A learning management system (LMS) built on Docebo that offers a variety of training paths and certifications.
A help portal built on Salesforce that links to documentation, knowledge base articles, and FAQs.
A partner portal built on Salesforce that provides onboarding and training resources to Databricks partners.
An event management portal built on Rainfocus that powers registration and information dissemination for events like the Data + AI Summit.
The Databricks team faced several challenges in unifying user authentication and identity management across these portals:
Fragmented user stores: Since these portals were hosted on third-party platforms that each had their own authentication system, the identity stores were siloed. This led to increased user friction, development complexity, and maintenance overhead for the identity team.
IdP complexity: Databricks had different user stores depending on which cloud a user deployed Databricks in (AWS, GCP, Azure), adding another layer of identity provider complexity to the equation.
Engineering bandwidth: The Databricks identity team’s charter focused on secure user journeys and did not extend into application development. This meant any enhancements to existing authentication flows could not involve extensive engineering work.
Sharon Aby, Senior Manager of IAM at Databricks, said:
“We were looking for a solution that would harmonize user journeys across various user portals and route the right user to the right app without requiring a lot of ongoing maintenance and custom work for our team. We quickly found that Descope was the ideal fit.”
The Descope experience
Descope’s Identity Federation Broker enabled Databricks to unify authentication flows across their myriad user portals by dynamically routing identities from the right app to the right IdP.
Unified identity stores: The flexibility of workflows allowed for dynamic federation rather than traditionally hard-coded SSO connections. Conditional steps in workflows could route identities based on parameters like the originating app ID, the user’s email ID, the originating cloud, and more.
Bridged identity protocols: Descope could act as both the IdP and the SP within the same SSO flow, allowing Databricks to bridge connections between an app only compatible with SAML and an IdP only compatible with OpenID Connect.
Reduced dev burden: Descope allowed Databricks to define their user journeys as no / low code workflows within a federated SSO context. This made it easy to orchestrate many-to-many identity relationships and imbue user journeys with business logic.

The ability to run business logic and call external connectors in the middle of an SSO flow unlocked several use cases for Databricks. For example, if a user authenticating on one portal was asked for their location, language preference, and preferred time zone, a user-facing screen would be shown to collect that information. Once the flow was complete, these user claims would also be available for all other user portals to leverage. This cross-app progressive profiling helped the Databricks team provide a seamless and personalized user experience across their digital properties.
Sharon Aby, Senior Manager of IAM at Databricks, said:
“Descope’s no / low code capabilities abstracted out the complexity of SSO and federation, but without locking us in to limited out-of-the-box implementation options. We can design any user journey for any app we desire and modify them without affecting the engineering roadmap.”
Drag & drop passkeys
One of the key goals for the Databricks identity team was securing employee and external user journeys. They had already driven the adoption of passkey-based authentication for enterprise employees. Descope provided them with a low-lift, flexible way to offer the same secure and frictionless experience to external users.
With Descope’s drag & drop implementation and flexibility to add passkeys anywhere in the user journey, Databricks was able to promote passkeys to users as an MFA method once their initial authentication was complete.

Customer 360, one app at a time
Databricks helps tens of thousands of businesses turn fragmented data into actionable insights, so achieving a 360-degree view of their own users is critical. Descope provides a centralized user store and workflow-powered federated SSO, offering the Databricks identity team complete visibility over the user journey and the flexibility to enhance and evolve that journey with time.
Naveen Zutshi, CIO of Databricks, said:
“Descope has been a great partner to our IAM team. We appreciate the simplicity of their product, the speed of innovation, and their active and responsive support. Whenever we launch a new application or user portal for external stakeholders, Descope is now the default auth provider in our minds.”
Descope is a flexible drag & drop CIAM platform that helps organizations easily add authentication, authorization, and identity management to their apps, AI agents, and MCP servers. Customers use us for initiatives such as passwordless authentication, SSO, identity federation, strong MFA, fraud prevention, and agentic identity.