Authentication

Authenticate with the API via an API key or token.

To authenticate with the Roboflow API, you need an API key. You can obtain an API key using our web application or via our token issuance flow, supported by the CLI and Python package.

In a Production Application

If you are using Roboflow in a production application (i.e. scripts, a web application, an API), we recommend using your API key to authenticate with Roboflow.

In a Notebook

If you are using our Python SDK in a notebook, we recommend authenticating using the Token Issuance flow documented below.

Retrieve an API Key

You can retrieve an API key from your Roboflow settings.

First, go to the Roboflow dashboard. In the left navigation bar, click on "Settings" and then "API Keys":

You will be taken to a page with your API keys. API keys are scoped to a workspace, which means you must use the API key associated with a workspace to access that workspace's private projects.

On the left sidebar, you will see a list of workspaces. Select the workspace for which you want to issue an API key. Finally, copy your Private API Key.

Be sure to keep this secret. Treat it like a password; it grants the bearer access to all of your workspace's data and models.

If you ever accidentally expose your key to someone who isn't authorized to access your workspace, click "Revoke API Key". Your API key will be disabled immediately. You can then create a new one.

Create a New API Key

You should already have an API Key automatically generated for you. If you revoked your API key, you can always create a new one using the "Generate Private API Key" button that appears if you do not already have one.

Using Your API Key

Most Roboflow API endpoints require an API key. You can authenticate your request through the api_key parameter in the body and the query, or via an authentication header.

Query Parameter

You can send your API key through a query parameter in the URL of your request.

Example: https://api.roboflow.com?api_key=abcdefghijklmnopqrstuvwxyz

Due to security implications, using a query parameter to authenticate may not be the best practice. For production use cases, we recommend sending your API key via the header.

Authentication Header

You can also send your API key as a bearer authentication header.

Example Header:

Authorization: Bearer abcdefghijklmnopqrstuvwxyz

Body Parameter

You can also send your API key as a parameter within a JSON request body of POST endpoints.

Example JSON Body:

{
    "api_key":"abcdefghijklmnopqrstuvwxyz"
}

Token Issuance Flow

The Roboflow CLI and Python package support token issuance, a convenient way to grant an API key. When you authenticate with roboflow.login() in Python, or roboflow auth in the CLI, you will be given a URL to a page through which you can issue a token to access a workspace.

You will be asked to select a workspace, then given a token for use in the Python package or CLI.

Retrieving a token via the token issuance flow.

Last updated