09.26.2024: Authentication & RBAC 🔐

We've added Authentication and Rules-based Access Controls to Phoenix. This was a long-requested feature set, and we're excited for the new uses of Phoenix this will unlock!

The auth feature set includes:

• Secure Access: All of Phoenix’s UI & APIs (REST, GraphQL, gRPC) now require access tokens or API keys. Keep your data safe!

• RBAC (Role-Based Access Control): Admins can manage users; members can update their profiles—simple & secure.

• API Keys: Now available for seamless, secure data ingestion & querying.

• OAuth2 Support: Easily integrate with Google, AWS Cognito, or Auth0. ✉ Password Resets via SMTP to make security a breeze.

For all the details on authentication, view our docs.

Bug Fixes and Improvements 🐛

• Numerous stability improvements to our hosted Phoenix instances accessed on app.phoenix.arize.com

• Added a new command to easily launch a Phoenix client from the cli: phoenix serve

• Implemented simple email sender to simplify dependencies

• Improved error handling for imported spans

• Replaced hdbscan with fast-hdbscan Added PHOENIX_CSRF_TRUSTED_ORIGINS environment variable to set trusted origins

• Added support for Mistral 1.0

• Fixed an issue that caused px.Client().get_spans_dataframe() requests to time out