Simple auth manager

Note

Before reading this, you should be familiar with the concept of auth manager. See Auth manager.

Warning

The simple auth manager is intended to be used for development and testing purposes. It should not be used in a production environment.

The simple auth manager is the auth manager that comes by default in Airflow 3. As its name suggests, the logic and implementation of the simple auth manager is simple.

Manage users

Users are managed through the Airflow configuration. Example:

[core]
simple_auth_manager_users = "bob:admin,peter:viewer"

The list of users are separated with a comma and each user is a couple username/role separated by a colon. Each user needs two pieces of information:

  • username. The user’s username

  • role. The role associated to the user. For more information about these roles, see next section.

In the example above, two users are defined:

  • bob whose role is admin

  • peter whose role is viewer

The password is auto-generated for each user and printed out in the webserver logs. When generated, these passwords are also saved in your environment, therefore they will not change if you stop or restart your environment.

The passwords are saved in the file generated/simple_auth_manager_passwords.json.generated, you can read and update them directly in the file as well if desired.

Manage roles and permissions

There is no option to manage roles and permissions in simple auth manager. They are defined as part of the simple auth manager implementation and cannot be modified. Here is the list of roles defined in simple auth manager. These roles can be associated to users.

  • viewer. Read-only permissions on DAGs, assets and pools

  • user. viewer permissions plus all permissions (edit, create, delete) on DAGs

  • op. user permissions plus all permissions on pools, assets, config, connections and variables

  • admin. All permissions

Optional features

Disable authentication and allow everyone as admin

This option allow you to disable authentication and allow everyone as admin. As a consequence, whoever access the Airflow UI is automatically logged in as an admin with all permissions.

you can enable this feature through the config. Example:

[core]
simple_auth_manager_all_admins = "True"

Was this entry helpful?