bugraoz93 commented on code in PR #54196:
URL: https://github.com/apache/airflow/pull/54196#discussion_r2263615409
##########
airflow-core/docs/core-concepts/auth-manager/index.rst:
##########
@@ -172,6 +172,40 @@ cookie named ``_token`` before redirecting to the Airflow
UI. The Airflow UI wil
.. note::
Do not set the cookie parameter ``httponly`` to ``True``. Airflow UI needs
to access the JWT token from the cookie.
+Refreshing JWT Token
+''''''''''''''''''''
+The refresh token ``<METHOD> <PATH>`` is ``POST /auth/token/refresh``. It
returns a new JWT token in the cookie where updated token is stored.
+It requires the user to be authenticated, and it is usually called by the
Airflow UI/API when the JWT token is about to expire.
+This endpoint is used to refresh the JWT token when it is about to expire.
+The auth manager should implement this endpoint to allow the Airflow UI/API to
refresh the JWT token.
Review Comment:
Make sense! added example and mentioned that this is not needed in case the
logic is not there and gave the example for the keys similar to Keycloak, but
mentioned that they are tentative and can be different
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@airflow.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
