Hello All!
As mentioned in the release e-mail, Session-based Authentication and OAuth2 is now implemented in AWX. The old AuthToken authentication system has been removed in favor of the new system. See issue #21 (https://github.com/ansible/awx/issues/21) and PR: https://github.com/ansible/awx/pull/904.
Session-based authentication provides a more secure method for authenticating by using a ‘session_id’ cookie, which is valid for a limited time, and can be revoked at any time.
With OAuth2, users can issue application tokens and personal authentication tokens, which can be used to programmatically access the AWX API. These tokens can be scoped to ‘read’ or ‘write’ roles, which are applied on top of the existing RBAC permissions for the user of that token. For more information on session authentication changes, read session.md, and for more information on management and use of OAuth2 tokens and applications see oauth.md and api_o_auth_authorization_root.md.
Note: this addition includes new dependencies and models, and will require a fresh build.
Thank you,
Christian