Skip to main content
This page covers Arize Python SDK version 7 for on-premise and self-hosted Arize AX. For new projects, we recommend SDK v8; see the v8 migration guide for details. The following examples use separate clients for pandas/API, export, and datasets. With v7, single-endpoint and four-endpoint deployments each require the host and URI patterns shown below.

Single Endpoint (v7)

# Pandas / API client
from arize.pandas.logger import Client  # or from arize.api import Client
arize_client = Client(
    space_id=SPACE_ID,
    api_key=API_KEY,
    uri="https://arize-app.<domain>/v1",
)

# With evaluations (Flight host)
arize_client = Client(
    space_id=SPACE_ID,
    api_key=API_KEY,
    uri="https://arize-app.<domain>/v1",
    host="arize-app.<domain>",
    ...
)

# Export client (v7)
from arize.exporter import ArizeExportClient
client = ArizeExportClient(
    api_key=API_KEY,
    host="arize-app.<domain>",
    ...
)

# Datasets client (v7)
from arize.experimental.datasets import ArizeDatasetsClient
client = ArizeDatasetsClient(
    api_key=API_KEY,
    host="arize-app.<domain>",
    otlp_endpoint="https://arize-app.<domain>/v1",
    ...
)

Four Endpoints (v7)

# Pandas / API client
arize_client = Client(
    space_id=SPACE_ID,
    api_key=API_KEY,
    uri="https://arize-api.<domain>/v1",
)

# With evaluations (Flight host)
arize_client = Client(
    space_id=SPACE_ID,
    api_key=API_KEY,
    uri="https://arize-api.<domain>/v1",
    host="arize-flight.<domain>",
    ...
)

# Export client (v7)
client = ArizeExportClient(
    api_key=API_KEY,
    host="arize-flight.<domain>",
    ...
)

# Datasets client (v7)
client = ArizeDatasetsClient(
    api_key=API_KEY,
    host="arize-flight.<domain>",
    otlp_endpoint="https://arize-otlp.<domain>/v1",
    ...
)

Using an Enterprise-Issued Certificate (v7)

If your deployment uses a certificate signed by your own enterprise private CA or a self-signed certificate, follow the relevant instructions below for your deployment type and use case.

Obtaining the Root CA Certificate

First, obtain the root CA certificate that was used to sign your endpoint’s certificate. This root certificate is typically managed by the security team and is common across environments.

Extracting the Certificate (If Root CA Certificate is Unavailable)

If providing the root certificate doesn’t resolve the issue or is not an option, an alternative approach is to extract the certificate directly from the endpoint and create the cert.pem file. 
echo | openssl s_client -showcerts -state -connect <host>:443 -prexit > cert.pem

Arize SDK

  • Disable verification (not recommended for production): 
    arize_client = Client(space_id=SPACE_ID, api_key=API_KEY, uri=URI, request_verify=False)
  • Provide the root certificate file: 
    arize_client = Client(space_id=SPACE_ID, api_key=API_KEY, uri=URI, request_verify="cert.pem")
    Or 
    # if root cert has already been added to your system CA bundle
import certifi
arize_client = Client(space_id=SPACE_ID, api_key=API_KEY, uri=URI, request_verify=certifi.where())

OTEL Traces (GRPC/HTTP)

  • Set the OTEL_EXPORTER_OTLP_CERTIFICATE environment variable to your root certificate:
os.environ["OTEL_EXPORTER_OTLP_CERTIFICATE"] = "cert.pem"
Or 
# if root cert has already been added to your system CA bundle
import certifi
os.environ['OTEL_EXPORTER_OTLP_CERTIFICATE'] = certifi.where()

FlightServer Export/Datasets Client

  • Set the GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment variable to your root certificate:
os.environ['GRPC_DEFAULT_SSL_ROOTS_FILE_PATH'] = "cert.pem"
Or 
# if root cert has already been added to your system CA bundle
import certifi
os.environ['GRPC_DEFAULT_SSL_ROOTS_FILE_PATH'] = certifi.where()