1412557 opened a new issue, #52103: URL: https://github.com/apache/airflow/issues/52103
### Apache Airflow Provider(s) fab ### Versions of Apache Airflow Providers `apache-airflow-providers-fab==2.2.0` ### Apache Airflow version 3.0.2 ### Operating System OS: RHEL UBI9, python3.12, Auth Manager: FAB; Authentication Backend: LDAP ### Deployment Other Docker-based deployment ### Deployment details CloudFormation and AWS ECS ### What happened We were using Airflow 2.9.2 with LDAP authentication. Other services use LDAP credentials to authenticate and call Airflow API to trigger DAG. Now we want to upgrade to Airflow 3.0.x with FAB auth manager and LDAP authentication, the JWT token generation endpoint `/auth/token` fails to authenticate LDAP users, even though these users can successfully log in through the web UI (token can be found in local storage). _Local Airflow users can generate JWT token successfully but we do not prefer using static credentials_ ### What you think should happen instead LDAP users should be able to generate JWT tokens via the `/auth/token` endpoint for programmatic access to Airflow APIs ### How to reproduce 1. Configure Airflow 3.0 with FAB auth manager and LDAP authentication ` [Environment] AIRFLOW__CORE__AUTH_MANAGER=airflow.providers.fab.auth_manager.fab_auth_manager.FabAuthManager AIRFLOW__FAB__AUTH_BACKENDS=airflow.providers.fab.auth_manager.api.auth.backend.session, airflow.providers.fab.auth_manager.api.auth.backend.basic_auth AIRFLOW__DATABASE__EXTERNAL_DB_MANAGERS=airflow.providers.fab.auth_manager.models.db.FABDBManager ` 2. Create an LDAP user and verify webUI login works 3. Attempt to generate JWT token via API `/auth/token` as describe [here](https://airflow.apache.org/docs/apache-airflow-providers-fab/stable/auth-manager/token.html) 4. Error 401 Unauthorized ### Anything else If the bug is legit, will it be fixed soon? can you provide some estimation? ### Are you willing to submit PR? - [ ] Yes I am willing to submit a PR! ### Code of Conduct - [x] I agree to follow this project's [Code of Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
