vincbeck commented on PR #42634: URL: https://github.com/apache/airflow/pull/42634#issuecomment-2419963588
> If that's too much work, we can at first only support JWT Oauth for the new API (both public and UI). And add more backends in 3.x. I don't know how critical it is to have that in the initial airflow 3 release. I have been trying and experimenting to support auth backends in the public API in FastApi and I am still unsure it is possible to support them in FastApi. `session`, `basic_auth` and `kerberos` are heavily dependent on Flask and require a Flask application created in order to work. So I am wondering if JWT should not be the only way to authenticate to UI and public API. If we go that direction we would have to create an API to create a token. Here is an example of flow: - As a user, I want to use the public API, to do that I need a JWT token - I call an api like `POST /public/token` with authentication information as part of the body (e.g. username and password) - If the authentication succeeds, the API returns the JWT token - With this token I can call the public API -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
