Comment on page
Basics of authentication
Learn about the basics of authentication in Supervisely
The easiest and best way to authenticate with the Supervisely API is by using Basic Authentication via a personal access token.
You need only two environment variables:
- 1.
- 2.
Video tutorial - basics of authentication for python developers
You can try examples shown in the video for yourself: find the repository with the scripts on GitHub.
If you are using 🔐 Enterprise Edition** ** 🔐 you have your own instance address. You can copy the URL address from the browser or contact instance admin. For example on my private instance the address is the following:

My private instance of Supervisely
In the example above the server address is
https://dev.supervise.ly
Every basic account has its own personal access token in account settings:
- 1.Find
Account Settings
under your name in the right top corner. - 2.Go to
API Token
tab. - 3.Press copy button.

API token in account settings
You can revoke your current token and generate the new one at any time by clicking
re-generate api key
button.To communicate with the Supervisely platform, you first need to instantiate a client. The easiest way to do that is by calling the function
from_env()
or pass values of environment variables in the constructor.It is the default practice to store your secrets as environment variables and keep them safe in
.env
files for local development.- 1.Create .env file (recommended:
~/supervisely.env
) with the following content:
SERVER_ADDRESS="https://app.supervise.ly"
API_TOKEN="4r47N...xaTatb"
2. Use it the following way
import os
from dotenv import load_dotenv
import supervisely as sly
if sly.is_development():
load_dotenv(os.path.expanduser("~/supervisely.env"))
api = sly.Api.from_env()
import supervisely as sly
api = sly.Api(server_address="https://app.supervise.ly", token="4r47N...xaTatb")
We do not recommend using this way in production.
It is the fastest way, but remember, it is not safe to store the secrets right in your sources.
Avoid (accidentally) committing (exposing) your private keys, passwords or other sensitive details (by hard-coding in them in your script) to git by storing them as environment variables.
Last modified 8mo ago