[I] JWT tokens appearing in task logs [airflow]

Tue, 24 Feb 2026 11:49:32 -0800 


unixengineer opened a new issue, #62428:
URL: https://github.com/apache/airflow/issues/62428

   ### Apache Airflow version
   
   3.1.7
   
   ### If "Other Airflow 3 version" selected, which one?
   
   _No response_
   
   ### What happened?
   
   in task logs, JWT tokens are being exposed. hers is an example:
   ```
   {"timestamp":"2026-02-24T19:46:05.812507Z","level":"info","event":"Executing 
workload","workload":"ExecuteTask(token='eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIwMTljOTEyZS1mNzIxLTcyMjYtODA0Yi1hMGYwNjE4NzU4NDkiLCJqdGkiOiI4NzY3ZjQyMTllMjM0NmU5YjdkOWI2ZjNjODIzM2RlNiIsImF1ZCI6InVybjphaXJmbG93LmFwYWNoZS5vcmc6dGFzayIsIm5iZiI6MTc3MTk2MjMzNSwiZXhwIjoxNzcxOTYyOTM1LCJpYXQiOjE3NzE5NjIzMzV9.rS5py-iaK7SjB5wAWmaWPdRBPX_nwZd96e6I10GnLAqyzBimv1Mb4TmtKJ-R2kNjKd_85z2DE8uKE73Qn1hUGA',
 ti=TaskInstance(id=UUID('019c912e-f721-7226-804b-a0f061875849'), 
dag_version_id=UUID('019c912f-3165-7016-af2f-ccd4979fff19'), 
task_id='upload_to_s3', dag_id='sync_git_to_s3', 
run_id='scheduled__2026-02-24T19:45:00+00:00', try_number=1, map_index=-1, 
pool_slots=1, queue='default', priority_weight=1, executor_config=None, 
parent_context_carrier={}, context_carrier={}), 
dag_rel_path=PurePosixPath('sync_git_to_s3.py'), 
bundle_info=BundleInfo(name='dags-folder', version=None), 
log_path='dag_id=sync_git_to_s3/run_id=sc
 heduled__2026-02-24T19:45:00+00:00/task_id=upload_to_s3/attempt=1.log', 
type='ExecuteTask')","logger":"__main__","filename":"execute_workload.py","lineno":56}
   ```
   
   ### What you think should happen instead?
   
   Token exposure is being flagged as security risk and why expose the token in 
the logs ?
   
   ### How to reproduce
   
   3.1.7 - set logging to INFO
   
   ### Operating System
   
   RHEL 9
   
   ### Versions of Apache Airflow Providers
   
   _No response_
   
   ### Deployment
   
   Official Apache Airflow Helm Chart
   
   ### Deployment details
   
   _No response_
   
   ### Anything else?
   
   _No response_
   
   ### Are you willing to submit PR?
   
   - [ ] Yes I am willing to submit a PR!
   
   ### Code of Conduct
   
   - [x] I agree to follow this project's [Code of 
Conduct](https://github.com/apache/airflow/blob/main/CODE_OF_CONDUCT.md)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to