Getting Started
The ZenML OSS server is a FastAPI application, therefore the OpenAPI-compliant docs are available at /docs or /redoc of your ZenML server:
Accessing the ZenML OSS API
For OSS users: The server_url is the root URL of your ZenML server deployment.
If you are using the ZenML OSS server API using the methods displayed above, it is enough to be logged in to your ZenML account in the same browser session. However, in order to do this programmatically, you can use one of the methods documented in the following sections.
Using a service account and an API key
You can use a service account's API key to authenticate to the ZenML server's REST API programmatically. This is particularly useful when you need a long-term, secure way to make authenticated HTTP requests to the ZenML API endpoints.
Start by creating a service account and an API key, e.g.:
```shell
zenml service-account create myserviceaccount
```Then, there are two methods to authenticate with the API using the API key - one is simpler but less secure, the other is secure and recommended but more complex:
This approach, albeit simple, is not recommended because the long-lived API key is exposed with every API request, which makes it easier to be compromised. Use it only in low-risk circumstances.
Use the API key directly to authenticate your API requests by including it in the Authorization header. For example, you can use the following command to check your current user:
using curl:
curl -H "Authorization: Bearer YOUR_API_KEY" https://your-zenml-server/api/v1/current-userusing wget:
wget -qO- --header="Authorization: Bearer YOUR_API_KEY" https://your-zenml-server/api/v1/current-userusing python:
import requests response = requests.get( "https://your-zenml-server/api/v1/current-user", headers={"Authorization": f"Bearer {YOUR_API_KEY}"} ) print(response.json())
Reduce the risk of API key exposure by periodically exchanging the API key for a short-lived API token.
To obtain a short-lived API token using your API key, send a POST request to the
/api/v1/loginendpoint. Here are examples using common HTTP clients:using curl:
curl -X POST -d "password=<YOUR_API_KEY>" https://your-zenml-server/api/v1/loginusing wget:
wget -qO- --post-data="password=<YOUR_API_KEY>" \ --header="Content-Type: application/x-www-form-urlencoded" \ https://your-zenml-server/api/v1/loginusing python:
import requests import json response = requests.post( "https://your-zenml-server/api/v1/login", data={"password": "<YOUR_API_KEY>"}, headers={"Content-Type": "application/x-www-form-urlencoded"} ) print(response.json())
This will return a response like this (the short-lived API token is the access_token field):
{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI3MGJjZTg5NC1hN2VjLTRkOTYtYjE1Ny1kOTZkYWY5ZWM2M2IiLCJpc3MiOiJmMGQ5NjI1Ni04YmQyLTQxZDctOWVjZi0xMmYwM2JmYTVlMTYiLCJhdWQiOiJmMGQ5NjI1Ni04YmQyLTQxZDctOWVjZi0xMmYwM2JmYTVlMTYiLCJleHAiOjE3MTk0MDk0NjAsImFwaV9rZXlfaWQiOiIzNDkyM2U0NS0zMGFlLTRkMjctODZiZS0wZGRhNTdkMjA5MDcifQ.ByB1ngCPtBenGE6UugsWC6Blga3qPqkAiPJUSFDR-u4",
"token_type": "bearer",
"expires_in": 3600,
"refresh_token": null,
"scope": null
}Once you have obtained a short-lived API token, you can use it to authenticate your API requests by including it in the
Authorizationheader. When the short-lived API token expires, simply repeat the steps above to obtain a new one. For example, you can use the following command to check your current user:using curl:
curl -H "Authorization: Bearer YOUR_API_TOKEN" https://your-zenml-server/api/v1/current-userusing wget:
wget -qO- --header="Authorization: Bearer YOUR_API_TOKEN" https://your-zenml-server/api/v1/current-userusing python:
import requests response = requests.get( "https://your-zenml-server/api/v1/current-user", headers={"Authorization": f"Bearer {YOUR_API_TOKEN}"} ) print(response.json())
Last updated
Was this helpful?