Create your agent

This is the official documentation of the forestadmin-agent-django and forestadmin-agent-flask Python agents.

Integration with Flask settings

Settings can be integrate to flask configuration mechanism. A rename operation is apply removing "FOREST_" and setting the parameter name in lowercase. This is done by the FlaskAgent.parse_config(app) method. For example:

from forestadmin.flask_agent.agent import parse_flask_config

app.config["FOREST_ENV_SECRET"] = "env_secret"
assert parse_flask_config(app) == {"env_secret": "env_secret"}

You can also give a dictionary of settings to the create_agent method as second parameter, so the parse_flask_config will not be called

app = Flask(__name__)

agent = create_agent(app, {
    # Mandatory options (those will be provided during onboarding)
    "env_secret": os.environ.get("ENV_SECRET"),
    "auth_secret": os.environ.get("AUTH_SECRET"),
    "is_production": os.environ.get("IS_PRODUCTION"),

    # Optional variables
    "customize_error_message": ...,
    "forest_server_url": ...,
    "logger": ...,
    "logger_level": ...,
    "permissions_cache_duration_in_seconds": ...,
    "prefix": ...,
    "schema_path": ...,

Mandatory variables

All mandatory variables are provided as environment variables during onboarding.

Your agent cannot be started without them, and no default values are provided.

auth_secret (string, no default)

This variable contains a random secret token which is used to sign authentication tokens used in request between your users and your agent.

It is generated during onboarding, but never leaves your browser, and is not saved on our side.

Never share it to anybody, as that would allow attackers to impersonate your users on your agent!

env_secret (string, no default)

This variable contains a random secret token which is used to authenticate requests between your agent and our servers.

Unlike the auth_secret, it is stored in our database, so it can be privately shared with Forest Admin employees.

Never share it publicly, as it would allow attackers to impersonate your agent with our servers. That would not cause any data leak, but opens the possibility for attackers to cause denial of service.

is_production (boolean, no default)

In development mode the agent has a few extra behaviors (when using is_production=False))

  • At startup, the agent will print the URL of all mounted charts

  • At startup, the agent will update the .forestadmin-schema.json.

  • When exceptions are thrown, a report will be printed to stdout.

Optional variables

customize_error_message (function, defaults to None)

When unexpected errors are raised in the agent code during a request, the error will be logged (using options["logger"]), but in the admin-panel, the final user will get a default message 'Unexpected error'.

This is done as to:

  • Prevent error message from leaking internal information about the agent (credentials, ...).

  • Prevent technical/cryptic error messages to show in the frontend.

This behavior can be customized.

def error_message_customizer(error:Exception):
    if isinstance(error, sqlalchemy.exc.OperationalError):
      return (
          'Failed to connect to the database, ' +
          'contact John at 06 12 34 56 78 and tell him to reboot the server'
    return (
        'Unexpected error, ' +
        'contact Jane at 06 87 65 43 21 and tell her to get it fixed.'

create_agent(app, {
    "customize_error_message": error_message_customizer

server_url (string, defaults to '')

This variable should be used only for customers using the self-hosted version of Forest Admin ↗.

It allows to specify the URL at which Forest Admin servers can be reached.

create_agent(app, {
    # ...
    "server_url": '',

logger (function) and logger_level (string, defaults to )logging.INFO

Forest Admin encourages customers to use In-app installations.

You may want to have control of the logger which is used by Forest Admin.

This configuration key allows to format and route logs to a logging service, instead of printing them in stdout.

import logging

MY_LOGGER = logging.getLogger("my_custom_forest_logger")

def log_function(log_level: str, message:str):
    getattr(MY_LOGGER, log_level.lower())(message)
    # or
    print(f"{log_level}: {message}")

create_agent(app, {
    # Valid values are logging.(DEBUG|INFO|WARNING|ERROR)
    "logger_level": logging.INFO,
    "logger": log_function

If logger is not specified, the agent will log using "forestadmin" logger of logging module ↗. You can customize it as you wish.

import logging

forest_logger = logging.getLogger("forestadmin")
for handler in forest_logger.handlers:

handler = logging.StreamHandler()

# ...

permissions_cache_duration_in_seconds (number, defaults to 15 minutes)

Forest Admin administrators can restrict operations which final users can perform ↗.

Those permissions are enforced both in the frontend, and in your agent.

This configuration variable allows to customize how often the agent should ask the server to provide the permissions table.

create_agent(app, {
    # ...
    "permissions_cache_duration_in_seconds": 15 * 60,

prefix (string, default to empty string)

This variable adds a prefix to the url at which routes are locally mounted on your application. It is mostly used for customers which wish to mount multiple agent instances on the same Node.js process (for setups using multiple Forest Admin projects).

Note that this variable has no influence on the base URL that will be used by your users to reach the agent: it is determined only by the application URL provided during onboarding and deployment.

This is done so that customers using reverse proxies can implement their routing table as they see fit.

Desired Local URLsDesired Public URLsHow to configure your agent


prefix = '' agentUrl = ''


prefix = '' agentUrl = ''


prefix = 'prefix' agentUrl = ''


prefix = 'local-prefix' agentUrl = ''

create_agent(app, {
    # ...
    "prefix": "/api",

schema_path (string, defaults to '.forestadmin-schema.json')

This variable allows to choose where the .forestadmin-schema.json file should be written in development, and read from in production.

With Flask agent, the default path is computed as : os.path.join(self._app.root_path, ".forestadmin-schema.json")

This allows to:

  • Improve git repository organisation

  • Work around read only folders (for instance, if developing using a read only docker volume).

  • Have flexibility when using custom builds in production (code minification, ...)

create_agent(app, {
    # ...
    "schema_path": '/volumes/fa-agent-configuration/schema.json',

Last updated