Skip to main content

Personal Access Tokens

Make inferences on resources outside the scope of your apps


A Personal Access Token (usually shortened as PAT) is a kind of key that authenticates a user across all applications they have access to. It's not linked to a specific application.

A PAT represents you when accessing the Clarifai API. It's a powerful way of accessing your resources within the Clarifai platform.

You can use PATs to accomplish the following:

  • Access multiple apps with a single key. This lets you access your own apps as well as any other apps you have permissions to use, such as public apps, apps where you're added as a collaborator, or apps belonging to your organization's team.
  • Create apps and app-specific keys programmatically through the API. This is crucial for programs that segregate the data of each of their end-users into different apps.
info
  • PAT is the primary authentication mechanism we use.
  • When using a PAT, you need to specify the user ID alongside the application ID of the owner of the resource you want to access—be it your own or for another user. If accessing your own resources, you specify your own user_id and app_id; if you don't own them, specify the owner's user_id and app_id.
tip

A PAT allows you to make inferences on resources that are outside the scope of your apps. An API Key only allows you to access resources scoped to the app defined by that key. So, you can use an API Key to access your own resources, but not Clarifai's or other public resources.

How to Create a PAT on the Portal

A default PAT is automatically generated for you when you create an account on the Clarifai portal. Nonetheless, you can also create a new PAT explicitly on the portal.

To create it, log in to the portal, navigate to the upper right-hand section of the navigation bar, and click your user’s profile icon.

Select the Security settings option on the drop-down list.

Create new PAT on Community

On the ensuing Security page, click the Create Personal Access Token button.

Account security settings

On the form that pops up, provide a short token description, set the scopes you want to apply, and click the Confirm button.

create pat

You can find the new PAT listed on the Personal Access Token section, where you can copy it to the clipboard, edit it, or delete it.

listed pat

caution
  • PATs do not expire. In case your PAT gets compromised, you should delete it, and create a new one with the same scopes.

  • We recommend that you do not share your PAT with other users.

How to Use a PAT Example

Here is an example of how to use a PAT to make a prediction request from Clarifai's general-image-recognition model. Note that you need to specify the resource owner's user_id and app_id in the UserAppIDSet, if making a gRPC call, or in the URL, if making a REST call.

##################################################################################################
# In this section, we set the user authentication, user and app ID, model details, and the URL
# of the image we want as an input. Change these strings to run your own example.
#################################################################################################

# Your PAT (Personal Access Token) can be found in the Account's Security section
PAT = 'YOUR_PAT_HERE'
# Specify the correct user_id/app_id pairings
# Since you're making inferences outside your app's scope
USER_ID = 'clarifai'
APP_ID = 'main'
MODEL_ID = 'general-image-recognition'
# This is optional. You can specify a model version or the empty string for the default
MODEL_VERSION_ID = ''
IMAGE_URL = 'https://samples.clarifai.com/metro-north.jpg'

############################################################################
# YOU DO NOT NEED TO CHANGE ANYTHING BELOW THIS LINE TO RUN THIS EXAMPLE
############################################################################

from clarifai_grpc.channel.clarifai_channel import ClarifaiChannel
from clarifai_grpc.grpc.api import resources_pb2, service_pb2, service_pb2_grpc
from clarifai_grpc.grpc.api.status import status_code_pb2

channel = ClarifaiChannel.get_grpc_channel()
stub = service_pb2_grpc.V2Stub(channel)

metadata = (('authorization', 'Key ' + PAT),)

userDataObject = resources_pb2.UserAppIDSet(user_id=USER_ID, app_id=APP_ID)

post_model_outputs_response = stub.PostModelOutputs(
service_pb2.PostModelOutputsRequest(
user_app_id=userDataObject, # The userDataObject is created in the overview and is required when using a PAT
model_id=MODEL_ID,
version_id=MODEL_VERSION_ID,
inputs=[
resources_pb2.Input(
data=resources_pb2.Data(
image=resources_pb2.Image(
url=IMAGE_URL
)
)
)
]
),
metadata=metadata
)
if post_model_outputs_response.status.code != status_code_pb2.SUCCESS:
print(post_model_outputs_response.status)
raise Exception("Post model outputs failed, status: " + post_model_outputs_response.status.description)

# Since we have one input, one output will exist here
output = post_model_outputs_response.outputs[0]

print("Predicted concepts:")
for concept in output.data.concepts:
print("%s %.2f" % (concept.name, concept.value))

# Uncomment this line to print the full Response JSON
#print(output)