You are receiving error messages in your flows, or from the agent, and you aren’t sure if it’s an issue with the API key.
How can you quickly check?
There is an available /health endpoint for your account:
https://api.prefect.cloud/api/accounts/<account>/workspaces/<workspace>/health
You can validate if your API key is still valid with the following command; replace with your account and workspace URL. Notice the “api.prefect.cloud”:
curl -i -H ‘Authorization: Bearer <api key here>’ https://api.prefect.cloud/api/accounts/<account>/workspaces/<workspace>/health
Alternatively, you can run the following python script as follows:
python test_api.py --api_key "replace" --account_id "replace" --workspace_id "replace"
# Python script to validate API KEY and API URL
import json
import requests
import os
import argparse
def check_health(url, headers):
url = f"{url}/health"
r = requests.get(url, headers=headers)
print (f"Returned status code: {r.status_code}")
if r.status_code == 200:
print("Valid API Key and URL")
else:
print("Invalid API Key and/or URL")
if __name__ == "__main__":
parser = argparse.ArgumentParser(description="Prefect Cloud Login Tester")
parser.add_argument("--api_key", help="API KEY", required=True)
parser.add_argument("--account_id", help="Account ID", required=True)
parser.add_argument("--workspace_id", help="Workspace ID", required=True)
args = parser.parse_args()
url = f"https://api.prefect.cloud/api/accounts/{args.account_id}/workspaces/{args.workspace_id}"
headers = {
'Content-Type': 'application/json',
'Authorization': f'Bearer {args.api_key}'
}
check_health(url, headers)
A bad response will appear as follows. Note a 401 means unauthorized.
HTTP/2 401
date: Thu, 12 Jan 2023 19:43:40 GMT
server: istio-envoy
x-deny: ext-authz
content-length: 47
content-type: application/json
x-envoy-upstream-service-time: 5
via: 1.1 google
content-security-policy: default-src 'none'; object-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-permitted-cross-domain-policies: none
referrer-policy: same-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
{"detail":"Invalid authentication credentials"}%
A valid API key response will appear as follows. Note the 200 response code.
HTTP/2 200
date: Thu, 12 Jan 2023 18:46:52 GMT
server: istio-envoy
content-length: 4
content-type: application/json
x-envoy-upstream-service-time: 12
via: 1.1 google
content-security-policy: default-src 'none'; object-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-permitted-cross-domain-policies: none
referrer-policy: same-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
true%