langflow/docs/docs/guidelines/api.mdx
Gabriel Luiz Freitas Almeida 8b27152712 📝 docs(api.mdx): add documentation for API Keys in Langflow
🔀 chore(sidebars.js): uncomment API guidelines in the sidebar
🖼️ chore(api-key.png): add image for API Key documentation
2023-09-26 10:55:54 -03:00

147 lines
4.2 KiB
Text

import useBaseUrl from "@docusaurus/useBaseUrl";
import ZoomableImage from "/src/theme/ZoomableImage.js";
# API Keys
## Introduction
Langflow offers an API Key functionality that allows users to access their individual components and flows without going through traditional login authentication. The API Key is a user-specific token that can be included in the request's header or query parameter to authenticate API calls. The following documentation outlines how to generate, use, and manage these API Keys in Langflow.
## Generating an API Key
### Through Langflow UI
{/* add image img/api-key.png */}
<ZoomableImage
alt="Docusaurus themed image"
sources={{
light: useBaseUrl("img/api-key.png"),
}}
style={{ width: "50%", maxWidth: "600px", margin: "0 auto" }}
/>
1. Click on the "API Key" icon.
2. Click on "Create new secret key".
3. Give it an optional name.
4. Click on "Create secret key".
5. Copy the API key and store it in a secure location.
## Using the API Key
### Using the `x-api-key` Header
Include the `x-api-key` in the HTTP header when making API requests:
```bash
curl -X POST \
http://localhost:3000/api/v1/process/<your_flow_id> \
-H 'Content-Type: application/json'\
-H 'x-api-key: <your api key>'\
-d '{"inputs": {"text":""}, "tweaks": {}}'
```
With Python using `requests`:
```python
import requests
from typing import Optional
BASE_API_URL = "http://localhost:3001/api/v1/process"
FLOW_ID = "4441b773-0724-434e-9cee-19d995d8f2df"
# You can tweak the flow by adding a tweaks dictionary
# e.g {"OpenAI-XXXXX": {"model_name": "gpt-4"}}
TWEAKS = {}
def run_flow(inputs: dict,
flow_id: str,
tweaks: Optional[dict] = None,
apiKey: Optional[str] = None) -> dict:
"""
Run a flow with a given message and optional tweaks.
:param message: The message to send to the flow
:param flow_id: The ID of the flow to run
:param tweaks: Optional tweaks to customize the flow
:return: The JSON response from the flow
"""
api_url = f"{BASE_API_URL}/{flow_id}"
payload = {"inputs": inputs}
headers = {}
if tweaks:
payload["tweaks"] = tweaks
if apiKey:
headers = {"x-api-key": apiKey}
response = requests.post(api_url, json=payload, headers=headers)
return response.json()
# Setup any tweaks you want to apply to the flow
inputs = {"text":""}
api_key = "<your api key>"
print(run_flow(inputs, flow_id=FLOW_ID, tweaks=TWEAKS, apiKey=api_key))
```
### Using the Query Parameter
Alternatively, you can include the API key as a query parameter in the URL:
```bash
curl -X POST \
http://localhost:3000/api/v1/process/<your_flow_id>?x-api-key=<your_api_key> \
-H 'Content-Type: application/json'\
-d '{"inputs": {"text":""}, "tweaks": {}}'
```
Or with Python:
```python
import requests
BASE_API_URL = "http://localhost:3001/api/v1/process"
FLOW_ID = "4441b773-0724-434e-9cee-19d995d8f2df"
# You can tweak the flow by adding a tweaks dictionary
# e.g {"OpenAI-XXXXX": {"model_name": "gpt-4"}}
TWEAKS = {}
def run_flow(inputs: dict,
flow_id: str,
tweaks: Optional[dict] = None,
apiKey: Optional[str] = None) -> dict:
"""
Run a flow with a given message and optional tweaks.
:param message: The message to send to the flow
:param flow_id: The ID of the flow to run
:param tweaks: Optional tweaks to customize the flow
:return: The JSON response from the flow
"""
api_url = f"{BASE_API_URL}/{flow_id}"
payload = {"inputs": inputs}
headers = {}
if tweaks:
payload["tweaks"] = tweaks
if apiKey:
api_url += f"?x-api-key={apiKey}"
response = requests.post(api_url, json=payload, headers=headers)
return response.json()
# Setup any tweaks you want to apply to the flow
inputs = {"text":""}
api_key = "<your api key>"
print(run_flow(inputs, flow_id=FLOW_ID, tweaks=TWEAKS, apiKey=api_key))
```
## Security Considerations
- **Visibility**: The API key won't be retrievable again through the UI for security reasons.
- **Scope**: The key only allows access to the flows and components of the specific user to whom it was issued.
## Revoking an API Key
To revoke an API key, simply delete it from the UI. This will immediately invalidate the key and prevent it from being used again.