Connect
Optimize
Secure
Live 36 Actions
Databricks Workspace MCP Server
for AI Agents
Connect your AI agent to StackOne's Databricks Workspace MCP server and give it 36 MCP tools out of the box. Auth, tool execution, and security all managed.
Databricks Workspace MCP Server
Built by 
StackOne
StackOne 
Coverage
36 Agent Actions
Create, read, update, and delete across Databricks Workspace — and extend your agent's capabilities with custom actions.
Authentication
Agent Tool Authentication
Per-user OAuth in one call. Your Databricks Workspace MCP server gets session-scoped tokens with zero credentials stored on your infra.
Agent Auth →
Security
Agent Protection
Every Databricks Workspace tool response scanned for prompt injection in milliseconds — 88.7% accuracy, all running on CPU.
Prompt Injection Defense →
Performance
Max Agent Context. Min Cost.
Free up to 96% of your agent's context window to enhance reasoning and reduce cost, on every Databricks Workspace call.
Tools Discovery →What is the Databricks Workspace MCP Server?
A Databricks Workspace MCP server lets AI agents read and write Databricks Workspace data through the Model Context Protocol — Anthropic's open standard for connecting LLMs to external tools. StackOne's Databricks Workspace MCP server ships with 36 pre-built actions, fully extensible via the Connector Builder — plus managed authentication, prompt injection defense, observability, and agent execution runtime. Connect it from MCP clients like Claude Desktop, Claude Code, Cursor, Goose, and VS Code, or from agent frameworks like OpenAI Agents SDK, LangChain, and Vercel AI SDK.
All Databricks Workspace MCP Tools
Every action from Databricks Workspace's API, ready for your agent. Create, read, update, and delete — scoped to exactly what you need.
Clusters
- Create Cluster
Create a new Databricks compute cluster with the supplied configuration
- List Clusters
List all pinned, active, and recently terminated clusters in the workspace
- Get Cluster
Retrieve the configuration and state of a specific cluster by ID
Jobs
- Create Job
Create a new job in the workspace
- List Jobs
List all jobs in the workspace
- Get Job
Get details of a specific job
- Update Job
Partially update a job's settings
- Delete Job
Delete a job from the workspace
Job Runs
- List Job Runs
List runs for a specific job or all runs in the workspace
- Get Job Run
Get details of a specific job run
SQL Warehouses
- Create SQL Warehouse
Create a new SQL warehouse
- List SQL Warehouses
List all SQL warehouses in the workspace
- Get SQL Warehouse
Get details of a specific SQL warehouse
- Delete SQL Warehouse
Delete a SQL warehouse
Workspace Objects
- Import Workspace Object
Import a notebook or file into the workspace
- List Workspace Objects
List objects in a workspace directory
- Export Workspace Object
Export a notebook or file from the workspace
- Delete Workspace Object
Delete a workspace object
Other (18)
- Create Workspace Directory
Create a directory in the workspace
- List Spark Versions
List the Spark versions available for use when creating a new cluster
- List Node Types
List the supported node types available for cluster worker and driver nodes
- Get Job Run Output
Get the output of a completed job run task
- Get SQL Statement
Get the status and results of a SQL statement execution
- Get Workspace Object Status
Get metadata for a workspace object
- Edit Cluster
Update the configuration of an existing cluster to match the supplied attributes
- Start Cluster
Start a terminated Spark cluster using its existing configuration
- Restart Cluster
Restart a Spark cluster that is currently running
- Terminate Cluster
Terminate a running cluster while preserving its configuration
- Permanently Delete Cluster
Permanently delete a cluster, removing its configuration entirely
- Run Job
Trigger a job run immediately
- Cancel Job Run
Cancel an active job run
- Execute SQL Statement
Execute a SQL statement on a warehouse
- Cancel SQL Statement
Cancel a running SQL statement execution
- Edit SQL Warehouse
Update configuration of an existing SQL warehouse
- Start SQL Warehouse
Start a stopped SQL warehouse
- Stop SQL Warehouse
Stop a running SQL warehouse
Set Up Your Databricks Workspace MCP Server in Minutes
One endpoint. Any framework. Your agent is talking to Databricks Workspace in under 10 lines of code.
Agent Frameworks
JSON{
"mcpServers": {
"stackone": {
"command": "npx",
"args": [
"-y",
"mcp-remote@latest",
"https://api.stackone.com/mcp?x-account-id=<account_id>",
"--header",
"Authorization: Basic <YOUR_BASE64_TOKEN>"
]
}
}
}Platform Resources
MCP Code Mode: Keeping Tool Responses Out of Agent Context
Anthropic's code_execution processes data already in context. Custom MCP code mode keeps raw tool responses in a sandbox. 14K tokens vs 500.
11 min
Comparing BM25, TF-IDF, and Hybrid Search for MCP Tool Discovery
Benchmarking BM25, TF-IDF, and hybrid search for MCP tool discovery across 916 tools. The 80/20 TF-IDF/BM25 hybrid hits 21% Top-1 accuracy in under 1ms.
10 min
Indirect Prompt Injection Defense for MCP Tools: A Technical Guide
MCP tools that read emails, CRM records, and tickets are indirect prompt injection vectors. Here's how we built a two-tier defense that scans tool results in ~11ms.
12 min
Databricks Workspace MCP Server FAQ
Does StackOne have a Databricks Workspace MCP server?
Yes. StackOne offers a hosted Databricks Workspace MCP server with 36 pre-built actions, and every action is tested and QA'd by StackOne. Connect it to Claude, Cursor, and any other MCP client, or to any agent framework through the AI Action SDK. It ships with managed agent authentication, prompt injection defense, and tool discovery with server-side execution that preserve your agent's context window and keep reasoning performance.
Databricks Workspace MCP server vs direct API integration — what's the difference?
A Databricks Workspace MCP server and direct API integration serve different use cases. Direct API integration is for software-to-software — backend code calling Databricks Workspace. A Databricks Workspace MCP server is for AI agents — MCP clients like Claude and Cursor, plus framework agents built with OpenAI, LangChain, or Vercel AI — discovering and calling Databricks Workspace at runtime. StackOne provides both.
How does Databricks Workspace authentication work for AI agents?
Databricks Workspace authentication for AI agents works through a StackOne Connect Session. Create one via the dashboard or the SDK — you get an auth link and ready-to-paste config for Claude Desktop, Cursor, and other MCP clients. Your user authenticates their own Databricks Workspace account; StackOne handles token exchange, storage, and refresh. Credentials never reach the LLM, and each user is isolated via
origin_owner_id.Are Databricks Workspace MCP tools vulnerable to prompt injection?
Yes — Databricks Workspace MCP tools can be vulnerable to indirect prompt injection. Any tool that reads user-written content — documents, messages, tickets, records, or free-text fields — is a potential vector. StackOne Defender scans every tool response before it enters the agent's context — regex patterns in ~1ms, then a MiniLM classifier in ~4ms. 88.7% accuracy, CPU-only.
What is the context bloat of a Databricks Workspace agent and how do I avoid it?
Context bloat happens when Databricks Workspace tool schemas and API responses eat your Databricks Workspace agent's memory, preventing it from reasoning effectively. A single Databricks Workspace query can return a massive JSON response, and connecting multiple tools compounds the problem. Tools Discovery and Code Mode reduce context bloat — loading only relevant tools per query and keeping raw responses out of the agent's context.
Can I limit which actions my Databricks Workspace agent can access?
Yes — you can limit which actions your Databricks Workspace agent can access directly from the StackOne dashboard. Toggle actions on or off, or restrict them to specific accounts, with no code changes to your agent. Session tokens can be scoped to exact actions so if one leaks, exposure stays contained.
Can I create custom agent actions for my Databricks Workspace MCP server?
Yes — you can create custom agent actions for your Databricks Workspace MCP server using Connector Builder. It's an integration agent your coding assistant (Claude Code, Cursor, or Copilot) can invoke to research Databricks Workspace's API, generate production-ready connector YAML, test against the live API, and validate before you ship.
When should I NOT use a Databricks Workspace MCP server?
Skip a Databricks Workspace MCP server if your integration is purely software-to-software — direct Databricks Workspace API integration is simpler when no AI agent is involved. For deterministic, compliance-critical operations (financial transactions, regulatory reporting), direct API gives you predictable behavior without agent-driven decision-making. MCP shines when AI agents need to dynamically discover and call Databricks Workspace actions at runtime.
What AI frameworks and AI clients does the StackOne Databricks Workspace MCP server support?
The StackOne Databricks Workspace MCP server supports both. MCP clients (paste-and-go apps): Claude Desktop, Claude Code, Cursor, VS Code, Goose. Agent frameworks (code SDKs you build with): OpenAI Agents SDK, Anthropic, Vercel AI, Google ADK, CrewAI, Pydantic AI, LangChain, LangGraph, Azure AI Foundry.
Put your AI agents to work
All the tools you need to build and scale AI agent integrations, with best-in-class connectivity, execution, and security.