• Home
• Core Concepts
• Auth manager
• Simple auth manager

Simple auth manager

Note

Before reading this, you should be familiar with the concept of auth manager. See Auth manager.

Warning

The simple auth manager is intended to be used for development and testing purposes. It should not be used in a production environment.

The simple auth manager is the auth manager that comes by default in Airflow 3. As its name suggests, the logic and implementation of the simple auth manager is simple.

Manage users

Users are managed through the webserver config file. In this file, the list of users are defined in the constant SIMPLE_AUTH_MANAGER_USERS. Example:

SIMPLE_AUTH_MANAGER_USERS = [
    {
        "username": "admin",
        "role": "admin",
    }
]

Each user needs two pieces of information:

• username. The user’s username

• role. The role associated to the user. For more information about these roles, see next section.

The password is auto-generated for each user and printed out in the webserver logs. When generated, these passwords are also saved in your environment, therefore they will not change if you stop or restart your environment.

The passwords are saved in the file generated/simple_auth_manager_passwords.json.generated, you can read and update them directly in the file as well if desired.

Manage roles and permissions

There is no option to manage roles and permissions in simple auth manager. They are defined as part of the simple auth manager implementation and cannot be modified. Here is the list of roles defined in simple auth manager. These roles can be associated to users.

• viewer. Read-only permissions on DAGs, assets and pools

• user. viewer permissions plus all permissions (edit, create, delete) on DAGs

• op. user permissions plus all permissions on pools, assets, config, connections and variables

• admin. All permissions

Optional features

Disable authentication and allow everyone as admin

This option allow you to disable authentication and allow everyone as admin. As a consequence, whoever access the Airflow UI is automatically logged in as an admin with all permissions.

To enable this feature, you need to set the constant SIMPLE_AUTH_MANAGER_ALL_ADMINS to True in the webserver config file. Example:

SIMPLE_AUTH_MANAGER_ALL_ADMINS = True

Previous Next

Was this entry helpful?