IAM (Identity & Access Management)

Airflows provides integration with Keycloak in order to add authentication to the admin & modeling tools with minimum fuss.

You'll even get advanced features such as User Federation, Identity Brokering and Social Login.

In order to configure IAM you must visit /auth endpoint to configure the Airflows realm, the Airflows client, and the users, etc.

The first time, the admin user is "admin", and the password is "Admin1234!". We recommend you to change it.

First, you must create a realm for airflows. Click on "Add realm" button.

Fill in the "airflows" name and click on "Create" button.

Once you have created the realm, you can select in the top left menu.

Then, you must register Airflows client.

If you are not an advanced Keycloak user, fill in the following info:

• Change iamdemo to your application name accordingly

You must enable "Implicit" flow.

You need to create a mapper.

Fill in the following info:

Then, click on save button.

Let's add some users now.

Fill the form and click on "Save" button.

Let's add a password to the user.

Fill the form and click on "Set password" button.

Now, let's map the user to an Airflows user.

In order to configure the integration, we need to get the shared RSA public key.

Click on "public key" button, and the key will appear.

Copy it and browse to the admin tool.

Paste the shared public key into the public key field, and click on "Apply change" button.

You can now logout, and thats all.

You will be redirected to the new login page, managed by keycloak IAM.

You can now access the admin tool with the configured user.

You can now use the Keycloak admin tool to configure your favorite social login (Google, Facebook, LinkedIn, Instagram, ........) or to integrate with SAML, .....