Home > Software engineering >  How to validate Hugging Face organization token?
How to validate Hugging Face organization token?

Time:05-20

/whoami-2 endpoint returns Unauthorized for organization tokens, the ones that start with api_....

$ curl https://huggingface.co/api/whoami-2 -H "Authorization: Bearer api_<token>"
> { "error": "Unauthorized" }

At the same time I can use the same token to get private models. Should I use some other endpoint to validate the tokens?

CodePudding user response:

you are requesting to the wrong endpoint. It seems the endpoint is updated and I got a similar error with sending requests to the older endpoint (whoami).

just send the request to whoami-v2 like:

$ curl https://huggingface.co/api/whoami-v2 -H "Authorization: Bearer ${token}"
> {"type": "","name":"sadra","fullname":"sadra","email":"","emailVerified":true,"plan":"","periodEnd":,"avatarUrl":"","orgs":[]}

NB: According to docs, it seems old tokens were api_XXX or api_org_XXX, while all new ones start with hf_XXX. So, maybe creating a new token might be helpful if you still face issue with new endpoint.

So, same thing happens for organization tokens:

$ curl https://huggingface.co/api/whoami-v2 -H "Authorization: Bearer api_org_XXX"
> {"type":"org","name":"testmy","fullname":"testorg","email":null,"plan":"NO_PLAN","periodEnd":null,"avatarUrl":"https://www.gravatar.com/avatar/1bd0170cca6f638f0dd02c6a79e8c270?d=retro&size=100"}
  • Related