korhankale opened a new issue, #53103: URL: https://github.com/apache/airflow/issues/53103
### Apache Airflow version 3.0.2 ### If "Other Airflow 2 version" selected, which one? _No response_ ### What happened? Having airflow version 3.0.2 with & the fab provider enabled (version 2.2.1) using the docker-compose configuration provided [here](https://airflow.apache.org/docs/apache-airflow/3.0.2/docker-compose.yaml). I am preparing a migration from version 2 to 3 and have to switch to fab for role & user management. While trying the api to manage roles (e.g: `/auth/fab/v1/roles`) I noticed the token we retrieve using the `/auth/token` endpoint isn't working for fab endpoints. I was expecting this to be a missconfiguration but it also happens with the base docker-compose/airflow image. Additionally the documentation for fab states this: > Changed in version 3.0.0: In Airflow, the default setting is using token based authentication. This approach is independent from which auth_backend is used. The default setting is using Airflow public API to create a token (JWT) first and use this token in the requests to access the API. ### What you think should happen instead? GET `/auth/fab/v1/roles` should give me the list of roles if I have the `can read on Roles` permission (which seem to be required as custom_view permission in the provider's code) ### How to reproduce - run the following docker compose config: https://airflow.apache.org/docs/apache-airflow/3.0.2/docker-compose.yaml - retrieve a jwt token by querying `/auth/token` - send a request to GET `/api/v2/pools` with the bearer token -> 200 - send a request to GET `/auth/fab/v1/roles` with the same bearer token -> 403 forbidden (though I am not sure about this, with the docker-compose config I am getting "Unauthenticated" and in already existing projects running using the helm chart I am getting "Forbidden" but this is probably due to differences in configuration) ### Operating System debian 12 ### Versions of Apache Airflow Providers _No response_ ### Deployment Official Apache Airflow Helm Chart ### Deployment details _No response_ ### Anything else? _No response_ ### Are you willing to submit PR? - [ ] Yes I am willing to submit a PR! ### Code of Conduct - [x] I agree to follow this project's [Code of Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
