melicheradam commented on issue #51362: URL: https://github.com/apache/airflow/issues/51362#issuecomment-3633457582
Hey @vincbeck, to me it seems like this is adressing the issue from the other end. From my testing the API authorization flow was using `FabAuthManager.get_user_from_token`, som im not sure where this is integrated in all of that. How is this intended to be used? Get token from IAM -> send this token as Bearer header to airflow/api/auth endpoint -> receive new "airflow token" -> use this "airflow token" for subsequent requests? In Airflow 2, it was not about **creating** tokens, but about **processing** tokens. The thing is, when having a multi-service architecture, you usually dont want each service/app issuing its own tokens. You have a IAM/Authz provider that generates the tokens, and then each service can just validate the token from this provider. Either way seems like this can be used, if I understood it correctly. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
