Airflow Summit 2025 is coming October 07-09. Register now for early bird ticket!

Simple auth manager

Note

The Simple auth manager is intended for development and testing. If you’re using it in production, ensure that access is controlled through other means.

The simple auth manager is the auth manager that comes by default in Airflow 3. As its name suggests, the logic and implementation of the simple auth manager is simple.

Manage users

Users are managed through the Airflow configuration. Example:

[core]
simple_auth_manager_users = "bob:admin,peter:viewer"

The list of users are separated with a comma and each user is a couple username/role separated by a colon. Each user needs two pieces of information:

  • username. The user’s username

  • role. The role associated to the user. For more information about these roles, see next section.

In the example above, two users are defined:

  • bob whose role is admin

  • peter whose role is viewer

The password is auto-generated for each user and printed out in the webserver logs. When generated, these passwords are saved in a file configured in core.simple_auth_manager_passwords_file. By default, this file is $AIRFLOW_HOME/simple_auth_manager_passwords.json.generated, you can read and update them directly in the file as well if desired.

Note

With Breeze, two users are predefined: admin and viewer (password is the same as the username). admin has all permissions. viewer has read-only permissions.

Manage roles and permissions

There is no option to manage roles and permissions in simple auth manager. They are defined as part of the simple auth manager implementation and cannot be modified. Here is the list of roles defined in simple auth manager. These roles can be associated to users.

  • viewer. Read-only permissions on dags, assets and pools

  • user. viewer permissions plus all permissions (edit, create, delete) on dags

  • op. user permissions plus all permissions on pools, assets, config, connections and variables

  • admin. All permissions

Optional features

Disable authentication and allow everyone as admin

This option allow you to disable authentication and allow everyone as admin. As a consequence, whoever access the Airflow UI is automatically logged in as an admin with all permissions.

you can enable this feature through the config. Example:

[core]
simple_auth_manager_all_admins = "True"

Was this entry helpful?