wangbo/ComfyUI
1
0
Fork 0
mirror of https://github.com/comfyanonymous/ComfyUI.git synced 2025-12-27 07:10:54 +08:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
06bf79b19b
ComfyUI/QUICK_START_AUTH.md
daverbj 06bf79b19b feat: Add API key authentication and health endpoint 
- Add API key authentication middleware with multiple auth methods (Bearer, X-API-Key, query param)
- Add /health endpoint with server status, queue info, device info, and VRAM stats
- Add CLI arguments --api-key and --api-key-file for authentication configuration
- Static files and WebSocket connections exempt from authentication
- Fully backward compatible - no authentication required by default
- Add comprehensive documentation, examples, and test scripts
2025-12-11 15:33:08 +03:00

2.6 KiB
Raw Blame History

Quick Start Guide - API Authentication

Step-by-Step Instructions

1. Start ComfyUI with API Key

# Stop any running ComfyUI instance first
# Then start with an API key:

python main.py --api-key "my-secret-key-123"

You should see in the logs:

[Auth] API Key authentication enabled

2. Test the Authentication

Health check (works without auth):

curl http://localhost:8188/health

Protected endpoint without auth (should fail):

curl http://localhost:8188/object_info
# Should return: {"error": "Unauthorized", "message": "..."}

Protected endpoint with auth (should work):

curl -H "Authorization: Bearer my-secret-key-123" http://localhost:8188/object_info
# Should return: {...node definitions...}

3. Run the Test Script

chmod +x test_auth_quick.sh
./test_auth_quick.sh

Common Issues

Issue: All requests work without authentication

Problem: You didn't start the server with --api-key

Solution:

# Stop the server (Ctrl+C)
# Restart with API key:
python main.py --api-key "your-key-here"

Verify it's enabled:

# In another terminal, check if auth is working:
curl http://localhost:8188/object_info
# Should return 401 Unauthorized

Issue: Authentication is enabled but I get 401 even with correct key

Problem: Key format or typo

Solution:

  • Ensure no extra spaces in the key
  • Check the Authorization header format: Authorization: Bearer YOUR_KEY
  • Try X-API-Key header: X-API-Key: YOUR_KEY

Example: Full Workflow

# 1. Generate a secure key
python -c "import secrets; print(secrets.token_hex(32))"
# Output: a1b2c3d4e5f6...

# 2. Save to file
echo "a1b2c3d4e5f6..." > api_key.txt

# 3. Start server with key file
python main.py --api-key-file api_key.txt

# 4. Use the API
API_KEY=$(cat api_key.txt)
curl -H "Authorization: Bearer $API_KEY" http://localhost:8188/object_info

Test with Python

import requests

API_KEY = "my-secret-key-123"
BASE_URL = "http://localhost:8188"

# This should fail (no auth)
response = requests.get(f"{BASE_URL}/object_info")
print(f"No auth: {response.status_code}")  # Should be 401

# This should work (with auth)
headers = {"Authorization": f"Bearer {API_KEY}"}
response = requests.get(f"{BASE_URL}/object_info", headers=headers)
print(f"With auth: {response.status_code}")  # Should be 200

Disable Authentication

Simply start ComfyUI without the --api-key argument:

python main.py

The server will work exactly as before with no authentication required.