Authentication overview
Hugging Face secures access to its platform and services primarily through API tokens, also known as personal access tokens (PATs). These tokens serve as cryptographic credentials, allowing users and applications to authenticate themselves when interacting with the Hugging Face Hub, Inference Endpoints, and other programmatic interfaces. Authentication is essential for managing private models, datasets, and Spaces, as well as for publishing new content and utilizing paid services. All communication with Hugging Face services is encrypted using HTTPS/TLS, protecting tokens and data in transit.
The authentication mechanism is designed to integrate with common development workflows, supporting direct use in HTTP headers and environment variables, as well as seamless integration within official SDKs like the Python Transformers library. This approach aims to balance security with developer convenience, enabling both individual researchers and enterprise teams to manage their machine learning assets securely.
Supported authentication methods
Hugging Face primarily relies on token-based authentication for programmatic access. The core method involves using personal access tokens, which are long-lived secrets that grant specific permissions to the holder. These tokens are generated by the user and must be kept confidential.
The table below summarizes the primary authentication method and its characteristics:
| Method | When to Use | Security Level | Description |
|---|---|---|---|
| Personal Access Tokens (PATs) | Programmatic access to the Hugging Face Hub, Inference Endpoints, SDKs (Python, JS) | High (when managed securely) | Bearer tokens generated from user settings, granting read, write, or admin permissions. Passed in Authorization: Bearer <TOKEN> header or via environment variables. |
While PATs are the primary method, Hugging Face also supports OAuth 2.0 for third-party applications and services that integrate with the platform. OAuth 2.0 is an authorization framework that allows a user to grant a third-party application limited access to their resources without exposing their credentials. This is particularly relevant for integrations where an application needs to perform actions on behalf of a user without direct password sharing.
Getting your credentials
To authenticate with Hugging Face services, you will need to generate a personal access token (PAT) from your account settings on the Hugging Face Hub.
- Log in to Hugging Face: Navigate to the Hugging Face login page and sign in with your account.
- Access Settings: Click on your profile picture in the top right corner, then select "Settings".
- Navigate to Access Tokens: In the left-hand navigation menu, click on "Access Tokens".
- Generate a New Token: Click the "New token" button.
- Configure Token Details:
- Name: Provide a descriptive name for your token (e.g., "My API Script Token", "CI/CD Integration").
- Role: Select the appropriate permission level for the token:
- Read: Allows viewing public and private models/datasets, and downloading files. Suitable for inference-only applications or read-only access.
- Write: Includes "Read" permissions, plus the ability to upload new models/datasets, push changes, and create new repositories. Required for training, fine-tuning, and publishing.
- Admin: Grants full administrative control over your repositories. Use with caution and only when necessary.
- Create Token: Click "Generate a token".
- Copy Your Token: The newly generated token will be displayed. Copy this token immediately, as it will only be shown once. If you lose it, you will need to revoke it and generate a new one.
Once you have your token, you can use it in your applications, scripts, or environment variables to authenticate your requests.
Authenticated request example
This section demonstrates how to use a Hugging Face personal access token (Hugging Face Token) to authenticate requests, using both the Python SDK and a direct HTTP request example.
Python SDK example (Transformers library)
When using the Python transformers library, you can log in programmatically using your token. This saves the token locally for subsequent operations.
from huggingface_hub import login, HfApi
# Method 1: Log in with your token
# The token will be stored securely on your system
login(token="hf_YOUR_TOKEN_HERE")
# Method 2: Pass the token directly to the API client (for specific operations)
api = HfApi(token="hf_YOUR_TOKEN_HERE")
# Example: List your private models (requires 'read' or 'write' token)
private_models = api.list_models(author="your_username", private=True)
for model in private_models:
print(f"Private Model: {model.id}")
# Example: Upload a file to a private repository (requires 'write' token)
# from huggingface_hub import upload_file
# upload_file(
# path_or_fileobj="path/to/your/model_file.bin",
# path_in_repo="model_file.bin",
# repo_id="your_username/your_private_model",
# token="hf_YOUR_TOKEN_HERE"
# )
Direct HTTP request example (Inference API)
For direct HTTP requests, such as interacting with the Hugging Face Inference API, you pass your token in the Authorization header as a Bearer token.
export HF_TOKEN="hf_YOUR_TOKEN_HERE"
curl -X POST \
-H "Authorization: Bearer $HF_TOKEN" \
-H "Content-Type: application/json" \
https://api-inference.huggingface.co/models/distilbert-base-uncased-finetuned-sst-2-english \
-d '{"inputs": "The quick brown fox jumps over the lazy dog."}'
This example sends a request to a public model hosted on the Inference API. If you were accessing a private model or performing an action requiring write permissions, the token would be essential.
Security best practices
Proper management of your Hugging Face API tokens is crucial for maintaining the security of your machine learning assets and account. Follow these best practices to minimize risks:
- Least Privilege: Always generate tokens with the minimum necessary permissions (role). If a token only needs to read models, grant it a "Read" role, not "Write" or "Admin". This limits the impact of a compromised token.
- Token Naming: Use descriptive names for your tokens (e.g., "CI/CD pipeline for project X", "Local development environment"). This helps you identify the purpose of each token and revoke it if it's no longer needed or compromised.
- Regular Rotation: Periodically rotate your tokens. This means generating a new token, updating all systems that use the old token, and then revoking the old token. While Hugging Face tokens do not expire automatically, manual rotation enhances security.
- Secure Storage:
- Environment Variables: For server-side applications and CI/CD pipelines, store tokens as environment variables. This prevents them from being hardcoded into your source code.
- Configuration Files: If using configuration files, ensure they are not committed to version control systems (e.g., add them to
.gitignore). Use secure configuration management tools. - Secrets Management: For production environments, utilize dedicated secrets management services (e.g., AWS Secrets Manager, Google Secret Manager, Azure Key Vault) to store and retrieve tokens securely. AWS Secrets Manager provides centralized management for secrets.
- Avoid Hardcoding: Never hardcode API tokens directly into your source code. This is a common vulnerability that can lead to token exposure if your code repository is compromised.
- Monitor Usage: While Hugging Face does not currently provide detailed token usage logs directly in the UI, keep track of where and how your tokens are being used. If you suspect a token has been compromised, revoke it immediately from your Hugging Face settings.
- HTTPS Everywhere: Always ensure that all communications with Hugging Face services use HTTPS. This encrypts your token and data in transit, protecting against eavesdropping.
- Revoke Unused Tokens: Regularly review your active tokens in your Hugging Face settings and revoke any that are no longer in use or associated with deprecated projects.