[Documentation] Added HCL provider example for WIF authentication (#4799)

## Changes
<!-- Summary of your changes that are easy to understand -->
- Add HCL example for WIF authentication. 
- Make `NEXT_CHANGELOG.md` consistent, currently it's not indented
properly.

## Tests
<!-- 
How is this tested? Please see the checklist below and also describe any
other relevant tests
-->
N/A
- [ ] `make test` run locally
- [ ] relevant change in `docs/` folder
- [ ] covered with integration tests in `internal/acceptance`
- [ ] using Go SDK
- [ ] using TF Plugin Framework

---------

Co-authored-by: Alex Ott <[email protected]>

Author: tanmay-db

NEXT_CHANGELOG.md

@@ -5,16 +5,16 @@
 ### Breaking Changes
 
 ### New Features and Improvements
- * Added `time_rotating` argument to `databricks_service_principal_secret` to enable secret rotation ([#4789](https://github.com/databricks/terraform-provider-databricks/pull/4789)).
-
 
+* Added `time_rotating` argument to `databricks_service_principal_secret` to enable secret rotation ([#4789](https://github.com/databricks/terraform-provider-databricks/pull/4789)).
 * Add AWS support for `databricks_mws_ncc_private_endpoint_rule` ([#4804](https://github.com/databricks/terraform-provider-databricks/pull/4804)).
 * Added `key` argument to `databricks_jobs` data source to enable mapping by job ID and allow duplicate job names ([#4796](https://github.com/databricks/terraform-provider-databricks/pull/4796)).
 
 ### Bug Fixes
 
 ### Documentation
 
+* Added HCL provider example for WIF authentication ([#4799](https://github.com/databricks/terraform-provider-databricks/pull/4799))
 * Added link to Workload Identity Federation page ([#4786](https://github.com/databricks/terraform-provider-databricks/pull/4786)).
 * auto `zone_id` can only be used for fleet node types in `databricks_instance_pool` resource ([#4782](https://github.com/databricks/terraform-provider-databricks/pull/4782)).
 * Document `tags` attribute in `databricks_pipeline` resource ([#4783](https://github.com/databricks/terraform-provider-databricks/pull/4783)).

docs/index.md

@@ -277,6 +277,32 @@ provider "databricks" {
 
 Workload Identity Federation can be used to authenticate Databricks from automated workflows. This is done through the tokens issued by the automation environment. For more details on environment variables regarding the specific environments, please see: https://docs.databricks.com/aws/en/dev-tools/auth/oauth-federation-provider. 
 
+To create resources at both the account and workspace levels, you can create two providers as shown below:
+
+Workspace level provider:
+```hcl
+provider "databricks" {
+  alias       = "workspace"
+  auth_type   = "env-oidc"
+  host        = var.workspace_host
+  client_id   = var.client_id
+}
+```
+
+Account level provider:
+```hcl
+provider "databricks" {
+  alias       = "account"
+  auth_type   = "env-oidc"
+  host        = var.account_host
+  client_id   = var.client_id
+  account_id  = var.account_id
+}
+```
+
+Note: `auth_type` for Github Actions would be "github-oidc". For more details, please see the document linked above. 
+
+
 ## Special configurations for Azure
 
 The below Azure authentication options are supported at both the account and workspace levels. The provider works with [Azure CLI authentication](https://docs.microsoft.com/en-us/cli/azure/authenticate-azure-cli?view=azure-cli-latest) to facilitate local development workflows, though for automated scenarios, managed identity or service principal auth is recommended (and specification of `azure_use_msi`, `azure_client_id`, `azure_client_secret` and `azure_tenant_id` parameters).