Using the REST API¶
This document is meant to give an overview of all common tasks while using an REST API.
Note
API endpoints and samples are described in REST API Reference.
CLI¶
For some functions the cli can use the API. To configure the CLI to use the API when available configure as follows:
[cli]
api_client = airflow.api.client.json_client
endpoint_url = http://<WEBSERVER>:<PORT>
Authentication¶
Authentication for the API is handled separately to the Web Authentication. The default is to not
require any authentication on the API – i.e. wide open by default. This is not recommended if your
Airflow webserver is publicly accessible, and you should probably use the deny all
backend:
[api]
auth_backend = airflow.api.auth.backend.deny_all
Two “real” methods for authentication are currently supported for the API.
To enabled Password authentication, set the following in the configuration:
[api]
auth_backend = airflow.contrib.auth.backends.password_auth
It’s usage is similar to the Password Authentication used for the Web interface.
To enable Kerberos authentication, set the following in the configuration:
[api]
auth_backend = airflow.api.auth.backend.kerberos_auth
[kerberos]
keytab = <KEYTAB>
The Kerberos service is configured as airflow/fully.qualified.domainname@REALM
. Make sure this
principal exists in the keytab file.