> For the complete documentation index, see [llms.txt](https://documentation.immuta.com/saas/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://documentation.immuta.com/saas/configuration/integrations/databricks/databricks-lakebase/reference-guides/security-and-compliance.md). # Security and Compliance Immuta offers several features to provide security for your users and to prove compliance and monitor for anomalies. ## Authentication ### Registering the connection The Databricks Lakebase connection supports **OAuth machine-to-machine (M2M)** authentication to register a connection. The Databricks Lakebase connection authenticates as a Databricks identity and generates an OAuth token. Immuta then uses that token as a password when connecting to PostgreSQL. To enable secure, automated machine-to machine access to the database instance, the connection must obtain an OAuth token using a Databricks service principal. See the [Databricks OAuth machine-to-machine (M2M) authentication page](https://docs.databricks.com/aws/en/oltp/instances/authentication#obtain-an-oauth-token-in-a-machine-to-machine-flow) for more details. ### Identity providers for user authentication The built-in Immuta IAM can be used as a complete solution for authentication and user entitlement. However, you can connect your existing identity management provider to Immuta to use that system for authentication and user entitlement instead. Each of the supported identity providers includes a specific set of configuration options that enable Immuta to communicate with the IAM system and map the users, permissions, groups, and attributes into Immuta. See the [Identity managers guide](/saas/configuration/people/section-contents/reference-guides/index.md) for a list of supported providers and details. See the [Databricks Lakebase integration reference guide](/saas/configuration/integrations/databricks/databricks-lakebase/reference-guides/databricks-lakebase-integration.md#user-registration-and-id-mapping) for details about user provisioning and mapping user accounts to Immuta. ## Auditing and compliance Immuta provides governance reports so that data owners and governors can monitor users' access to data and detect anomalies in behavior. Immuta governance reports allow users with the `GOVERNANCE` Immuta permission to use a natural language builder to instantly create reports that delineate user activity across Immuta. These reports can be based on various entity types, including users, groups, projects, data sources, purposes, policy types, or connection types. See the [Governance report types](/saas/govern/detect-your-data/audit/reference-guides/reports.md) page for a list of report types and guidance. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://documentation.immuta.com/saas/configuration/integrations/databricks/databricks-lakebase/reference-guides/security-and-compliance.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.