i am getting above error while connecting to my Weaviate client
it is deployed in the eks
below is my config i am unable to set the api-key
authentication:
anonymous_access:
enabled: false

This configuration allows to add API keys to Weaviate. This configuration allows only

plain text API Keys, if you want to store the API Keys in a Kubernetes secret you can

configure the same configuration with ENV Vars. Read the env section below on what

needs to be configured. If using ENV Vars over this make sure to comment out the whole

apikey section (as it is by default). ENV Vars has priority over this config.

apikey:
enabled: true
# # Any number of allowed API Keys as plain text
allowed_keys:
- testKey123
# - admin-plainText-API-Key
# # You can either set a single user for all the listed Allowed API keys OR
# # one user per API Key, i.e. length(apikey.allowed_keys) == length(apikey.users) OR
# # length(apikey.users) == 1
# # NOTE: Make sure the lister Users are added to the Authorization as well.
users:
- admin
- dev
oidc:
enabled: false
# issuer: ‘’
# username_claim: ‘’
# groups_claim: ‘’
# client_id: ‘’

authorization:
rbac:
enabled: fasle
# admins:
# - admin
# - admin_user2
# viewers:
# - viewer_user1
# - readonly_user1
admin_list:
enabled: true
users:
- admin
# - admin_user2
# - api-key-user-admin
read_only_users:
- dev
# - readonly_user2
# - api-key-user-readOnly
AUTHENTICATION_APIKEY_ENABLED: ‘true’

List one or more keys, separated by commas. Each key corresponds to a specific user identity below.

If you want to use a kubernetes secret for the API Keys comment out this Variable and use the one in envSecrets below

AUTHENTICATION_APIKEY_ALLOWED_KEYS: ‘secret1,secret2’

List one or more user identities, separated by commas. You can have only one User for all the keys or one user per key.

The User/s can be a simple name or an email, no matter if it exists or not.

NOTE: Make sure to add the users to the authorization above overwise they will not be allowed to interact with Weaviate.

AUTHENTICATION_APIKEY_USERS: ‘admin,dev’

Enabling RBAC authorization. It is mutually exclusive with the AUTHORIZATION_ADMIN_LISTS variable. Either RBAC or the

admin lists mechanism can be used.

AUTHORIZATION_ENABLE_RBAC: “true”

Users with admin’s RBAC role. List one or more user identities, separated by commas, which will

have the admin role assigned to. This role provides all permissions to the user, but it’s required at least

in one of the user for managing the cluster.

AUTHORIZATION_ADMIN_USERS: “admin”

Users with viewer’s RBAC role. List one or more user identities, separated by commas, which will

have the viewer role assigned to. This role allows read permissions in all different areas. Once assigned via

config, it can’t be revoked via API AuthZ calls.

AUTHORIZATION_VIEWER_USERS: “dev”

envSecrets:

create a Kubernetes secret with AUTHENTICATION_APIKEY_ALLOWED_KEYS key and its respective value

AUTHENTICATION_APIKEY_ALLOWED_KEYS: name-of-the-k8s-secret-containing-the-comma-separated-api-keys

Good morning @Jyothi_Ram

Welcome to our community! It’s great to have you here.

Here is how to configure it:

See:

authentication:
  anonymous_access:
    enabled: false
  apikey:
    enabled: true
    allowed_keys:
      - testKey123
    users:
      - admin
      - dev
authorization:
  rbac:
    enabled: false
  admin_list:
    enabled: true
    users:
      - admin
      - api-key-user-admin
  read_only_users:
    - dev
    - api-key-user-readOnly

Hope this helps!

Regards,
Mohamed Shahin,
Weaviate Support Engineer

hi @Mohamed_Shahin thank you for responding

import weaviate, os
from weaviate.classes.init import Auth
client = weaviate.connect_to_custom(
    http_host="aXXXXXXXXXXX912472cb0cd4db7-XXXXXXXXX.eu-west-1.elb.amazonaws.com",        # Hostname for the HTTP API connection
    http_port=80,              # Default is 80, WCD uses 443
    http_secure=False,           # Whether to use https (secure) for the HTTP API connection
    grpc_host="acXXXXXXXXXXXXXXXX547ee912472cb0cd4db7-XXXXXXXXXXXX.eu-west-1.elb.amazonaws.com",        # Hostname for the gRPC API connection
    grpc_port=50051,              # Default is 50051, WCD uses 443
    grpc_secure=False,           # Whether to use a secure channel for the gRPC API connection
    auth_credentials="XXXXXXXX",  # API key for authentication
)

print(client.is_ready())

using above client to connect weaviate

getting the following error on running the client

/home/jyothiram/.local/lib/python3.10/site-packages/weaviate/warnings.py:15: UserWarning: Auth001: The client is configured to use authentication, but weaviate is configured without
                    authentication. Are you sure this is correct?
  warnings.warn(
    raise UnexpectedStatusCodeError(location, response)
weaviate.exceptions.UnexpectedStatusCodeError: Meta endpoint! Unexpected status code: 401, with response body: {'code': 401, 'message': 'anonymous access not enabled, please provide an auth scheme such as OIDC'}.

we are useing below config

---
authentication:
  anonymous_access:
    enabled: false
  apikey:
    allowed_keys:
    - testKey123
    - devKey
    enabled: true
    users:
    - admin
    - dev
  oidc:
    enabled: false
authorization:
  admin_list:
    enabled: true
    read_only_users:
    - dev
    users:
    - admin
  rbac:
    enabled: false

query_defaults:
  limit: 100
debug: false

Hi, your issue may be indentation. Check the following.

Using this config:

authentication:
  anonymous_access:
    enabled: false
  apikey:
    enabled: true
    allowed_keys:
      - XXXXXXXXX
    users:
      - user-1
  oidc:
    enabled: false

authorization:
  rbac:
    enabled: false
  admin_list:
    enabled: true
    users:
      - user-1

and this python client:

client = weaviate.connect_to_custom(
    http_host = "host.name",
    http_port = 80,
    http_secure = False,
    grpc_host = "grpc.host.name",
    grpc_port = 50051,
    grpc_secure = False,
    auth_credentials = Auth.api_key(weaviate_api_key)
)