alexbegg commented on issue #10330: URL: https://github.com/apache/airflow/issues/10330#issuecomment-674319661
@Minyus I just want to clarify some things. The same [Security](https://airflow.apache.org/docs/stable/security.html) documentation page explains both the `auth_backend` under [api] (which as of 1.10.11 defaults to `airflow.api.auth.backend.deny_all`) and the `auth_backend` under [webserver] (which does not seem to be included in the default config, I assume because by default `authenticate` is `False`). That part is misleading, but I am sure that both settings do different things. Setting your API `auth_backend` won't also set your webserver `auth_backend`, and vice-versa. And not describing `auth_backend` under "webserver" on the [Configuration reference](https://airflow.apache.org/docs/stable/configurations-ref.html) page is confusing things. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
