MCP Security Deep Dive: How Databricks Secures Tool Access for Enterprise Users

As agents connect to external tools and systems, security becomes a first-order concern. Every interaction — from authentication to tool invocation — must be governed, permissioned, and fully auditable. One leaked credential or broken audit trail can break production trust overnight.In this deep dive, we'll show how to secure MCP-based integrations in production on Databricks. You'll learn how to implement authentication and authorization, manage fine-grained access to tools, and ensure every agent action is traceable end-to-end. We'll also share how Databricks applies these patterns internally — using Unity Catalog connections to securely grant MCP access to thousands of users — along with the key risks, design tradeoffs, and best practices.You'll walk away with a production-ready blueprint for protecting data and systems as agents start taking real actions on behalf of your users.