Thanks for your feedbacks. I went ahead and created a PR to create the new
provider: https://github.com/apache/airflow/pull/51081
On 2025/05/21 15:44:44 Buğra Öztürk wrote:
> I think having a separate Keycloak auth manager would be amazing. Thanks
> for the discussion and PoC work Vincent!
>
> O
I think having a separate Keycloak auth manager would be amazing. Thanks
for the discussion and PoC work Vincent!
On Wed, 21 May 2025, 16:46 Jarek Potiuk, wrote:
> Yes. That would be rather useful and finally allow "enterprise" users to
> not have to use FAB for just authentication in Airflow 3.
> Oh, this could be cool! But quite specific since not everyone has Keycloak
> for auth things and Airflow still has to have some own one.
> May be not full delegation, but some sort of synchronization could be a
> great middle ground. Airflow works like it always been, while source of
> auth info
Yes. That would be rather useful and finally allow "enterprise" users to
not have to use FAB for just authentication in Airflow 3.
> We're using Keycloak, integrated with Airflow using the FAB auth manager
> (OpenID). As of now, it has worked properly for us to login to the
webpage,
> but I never
Hi Vincent,
This looks promising!
We're using Keycloak, integrated with Airflow using the FAB auth manager
(OpenID). As of now, it has worked properly for us to login to the webpage,
but I never managed to get the API working for Keycloak users (I had to
create users using FAB directly).
We have
Oh, this could be cool! But quite specific since not everyone has Keycloak
for auth things and Airflow still has to have some own one.
May be not full delegation, but some sort of synchronization could be a
great middle ground. Airflow works like it always been, while source of
auth info becomes Ke
Good point.
You're right — it's already possible to use Keycloak for user authentication
with the FAB (Flask AppBuilder) auth manager. You can configure FAB to use
Keycloak as an identity provider, allowing users to authenticate via Keycloak.
Authorization, however, remains handled within FAB,
Hi!
Sounds great, but Airflow already works perfectly to auth users via
Keycloak LDAP protocol. What this provider will change and why it will be
better than now?
--
,,,^..^,,,
On Tue, May 20, 2025 at 7:32 PM Beck, Vincent
wrote:
> Hi all,
>
> I'd like to propose adding a new provider, Keycloa
