I'm attempting to integrate Airflow with Okta, however there is little documentation available online. I'm referring to a blog article, but I can't seem to get Okta to work.
Blog URL : https://tech.scribd.com/blog/2021/integrating-airflow-and-okta.html
If anyone has used Airflow with Okta, please share your experiences.
In addition, I followed all the steps outlined in Airflow + Okta integration problem OAuth2.0.
I'm having the same problem with access prohibited.
I had a bit of trouble getting this to work but in the end this is what I did:
Installed the following with PIP:
flask-appbuilder==3.4.5
sqlalchemy==1.3.18
authlib==1.0.1
in webserver_config.py
from flask_appbuilder.security.manager import AUTH_OAUTH
AUTH_TYPE = AUTH_OAUTH
AUTH_ROLES_SYNC_AT_LOGIN = True
AUTH_USER_REGISTRATION = True
AUTH_USER_REGISTRATION_ROLE = "Admin"
OAUTH_PROVIDERS = [
{'name': 'okta', 'icon': 'fa-circle-o',
'token_key': 'access_token',
'remote_app': {
'client_id': 'myclientid',
'client_secret': 'myclientsecret',
'api_base_url': 'https://myoktadomain.okta.com/oauth2/v1/',
'client_kwargs': {
'scope': 'openid profile email groups'
},
'access_token_url': 'https://myoktadomain.okta.com/oauth2/v1/token',
'authorize_url': 'https://myoktadomain.okta.com/oauth2/v1/authorize',
'jwks_uri': "https://myoktadomain.okta.com/oauth2/v1/keys"
}
}
]
Have the following settings in my Okta App:
Not shown in the screenshots I have these 2 settings as well:
Sign-in redirect URIs:
maybe we don't all of these???
Initiate login URI: https://myairflowurl.com/login
As it stands, everyone who authenticates through Okta now gets Admin Access. I believe with some more work we can make use of roles / more granular permissions
