From fcbab776132a6642a483f9820a8f20ed1aa96594 Mon Sep 17 00:00:00 2001 From: yangdx Date: Sun, 28 Sep 2025 10:56:52 +0800 Subject: [PATCH] docs: add API key usage example and security guidance --- lightrag/api/README-zh.md | 12 +++++++++++- lightrag/api/README.md | 12 +++++++++++- 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/lightrag/api/README-zh.md b/lightrag/api/README-zh.md index 7e76d694..6b6e2289 100644 --- a/lightrag/api/README-zh.md +++ b/lightrag/api/README-zh.md @@ -278,7 +278,17 @@ LIGHTRAG_API_KEY=your-secure-api-key-here WHITELIST_PATHS=/health,/api/* ``` -> 健康检查和 Ollama 模拟端点默认不进行 API 密钥检查。 +> 健康检查和 Ollama 模拟端点默认不进行 API 密钥检查。为了安全原因,如果不需要提供Ollama服务,应该把`/api/*`从WHITELIST_PATHS中移除。 + +API Key使用的请求头是 `X-API-Key` 。以下是使用API访问LightRAG Server的一个例子: + +``` +curl -X 'POST' \ + 'http://localhost:9621/documents/scan' \ + -H 'accept: application/json' \ + -H 'X-API-Key: your-secure-api-key-here-123' \ + -d '' +``` * 账户凭证(Web 界面需要登录后才能访问) diff --git a/lightrag/api/README.md b/lightrag/api/README.md index 732a686f..60a1d2ab 100644 --- a/lightrag/api/README.md +++ b/lightrag/api/README.md @@ -280,7 +280,17 @@ LIGHTRAG_API_KEY=your-secure-api-key-here WHITELIST_PATHS=/health,/api/* ``` -> Health check and Ollama emulation endpoints are excluded from API Key check by default. +> Health check and Ollama emulation endpoints are excluded from API Key check by default. For security reasons, remove `/api/*` from `WHITELIST_PATHS` if the Ollama service is not required. + +The API key is passed using the request header `X-API-Key`. Below is an example of accessing the LightRAG Server via API: + +``` +curl -X 'POST' \ + 'http://localhost:9621/documents/scan' \ + -H 'accept: application/json' \ + -H 'X-API-Key: your-secure-api-key-here-123' \ + -d '' +``` * Account credentials (the Web UI requires login before access can be granted):