Never expose sensitive config values in UI

[potiuk]

Body

Currently the expose config allows deployment manager to expose also sensitive data - when set to True https://airflow.apache.org/docs/apache-airflow/stable/configurations-ref.html#expose-config. The non-sensitive-only value causes sensitive field masking.

With the discussion mentioned in #59838 we agreed that we should never expose sensitive data over any public API where UI user can authenticate (only via task-sdk API where tasks get dedicated JWT token)

This means that:

• Only True/False should be expected for expose-config and True means that sensitive fields are masked
• We should add fallback - when "non-sensitive-data" is set for the parameter it should be treated as True and deprecation warning should be raised
• newsfragment should be added explaining the behaviour change

Committer

• I acknowledge that I am a maintainer/committer of the Apache Airflow project.

[pratyush0325]

Hi @potiuk, I’m a new contributor and would like to work on this issue if it’s still available. I’ll follow up with a PR soon.

[potiuk]

feel free

[yjaw]

Should this issue be closed?

[potiuk]

@pratyush0325 We are unassigning you from this issue as part of our updated assignment policy.

This is not meant to discourage your contribution — quite the opposite! You are still very welcome to work on this issue and submit a PR for it. Simply comment that you are working on it and open a PR when ready.

We found that formal assignments were not working well, as they often prevented others from contributing when the assignee was not actively working on the issue.

[andreahlert]

Closed by PR #59880 (merged 2026-01-03). Sensitive config values are now always masked in public APIs; expose_config accepts only True/False; non-sensitive-only is treated as True with deprecation warning.