What do you see as an issue?
The webserver-authentication.rst documentation currently shows basic authentication and some OAuth provider examples, but does not include a practical example for Azure Active Directory (Azure AD) that demonstrates how to configure Azure AD OAuth in webserver_config.py, extract roles/groups from the token, and map them to Airflow RBAC roles.
While the SSO docs include a generic Azure AD provider example, they do not cover end-to-end usage with the webserver authentication manager.
Solving the problem
Add an advanced example section in webserver-authentication.rst showing:
- Azure AD OAuth provider config in
webserver_config.py
- Custom security manager subclass to parse Azure AD token claims
- Example role/group to Airflow role mapping (
AUTH_ROLES_MAPPING)
- Basic explanation of relevant settings such as
AUTH_ROLES_SYNC_AT_LOGIN
This would help users using Azure AD for authentication and role mapping in real deployments.
Anything else
No response
Are you willing to submit PR?
Code of Conduct
What do you see as an issue?
The
webserver-authentication.rstdocumentation currently shows basic authentication and some OAuth provider examples, but does not include a practical example for Azure Active Directory (Azure AD) that demonstrates how to configure Azure AD OAuth inwebserver_config.py, extract roles/groups from the token, and map them to Airflow RBAC roles.While the SSO docs include a generic Azure AD provider example, they do not cover end-to-end usage with the webserver authentication manager.
Solving the problem
Add an advanced example section in
webserver-authentication.rstshowing:webserver_config.pyAUTH_ROLES_MAPPING)AUTH_ROLES_SYNC_AT_LOGINThis would help users using Azure AD for authentication and role mapping in real deployments.
Anything else
No response
Are you willing to submit PR?
Code of Conduct