Authentication
Authenticate with the API via an API key or token.
Last updated
Authenticate with the API via an API key or token.
Last updated
To authenticate with the Roboflow API, you need an API key. You can obtain an API key using our web application or via our token issuance flow, supported by the CLI and Python package.
If you are using Roboflow in a production application (i.e. scripts, a web application, an API), we recommend using your API key to authenticate with Roboflow.
If you are using our Python SDK in a notebook, we recommend authenticating using the Token Issuance flow documented below.
You can retrieve an API key from your Roboflow settings.
First, go to the Roboflow dashboard. In the left navigation bar, click on "Settings" and then "API Keys":
You will be taken to a page with your API keys. API keys are scoped to a workspace, which means you must use the API key associated with a workspace to access that workspace's private projects.
On the left sidebar, you will see a list of workspaces. Select the workspace for which you want to issue an API key. Finally, copy your Private API Key.
Be sure to keep this secret. Treat it like a password; it grants the bearer access to all of your workspace's data and models.
If you ever accidentally expose your key to someone who isn't authorized to access your workspace, click "Revoke API Key". Your API key will be disabled immediately. You can then create a new one.
You should already have an API Key automatically generated for you. If you revoked your API key, you can always create a new one using the "Generate Private API Key" button that appears if you do not already have one.
Most Roboflow API endpoints require an API key. You can authenticate your request through the api_key parameter in the body and the query, or via an authentication header.
You can send your API key through a query parameter in the URL of your request.
Example: https://api.roboflow.com?api_key=abcdefghijklmnopqrstuvwxyz
Due to security implications, using a query parameter to authenticate may not be the best practice. For production use cases, we recommend sending your API key via the header.
You can also send your API key as a bearer authentication header.
Example Header:
You can also send your API key as a parameter within a JSON request body of POST endpoints.
Example JSON Body:
The Roboflow CLI and Python package support token issuance, a convenient way to grant an API key. When you authenticate with roboflow.login() in Python, or roboflow auth in the CLI, you will be given a URL to a page through which you can issue a token to access a workspace.
You will be asked to select a workspace, then given a token for use in the Python package or CLI.
