Get Started with RAI in a Local Python Environment
This guide walks you through the steps to set up a local Python development environment with the relationalai
package.
This setup is ideal for developing, testing, and deploying applications built with RAI.
Install Python
Section titled “Install Python”Select your operating system and follow the steps to install Python on your machine:
-
Navigate to the Python 3.11 download page, scroll down to the Files section, and download the Windows installer (64-bit).
-
Open the installer and follow the prompts to install Python 3.11. Check the box to add Python to your
PATH
. -
Open a terminal and verify that Python 3.11 is installed by running:
Terminal window python --versionThe output should be similar to
Python 3.11.9
.
-
Navigate to the Python 3.11 download page, scroll down to the Files section, and download the macOS 64-bit universal2 installer.
-
Open the installer and follow the prompts to install Python 3.11. Use the default installation options. When the installation is complete, double click the Install Certificates command in the Finder window.
-
Open a terminal and verify that Python 3.11 is installed by running:
Terminal window python3.11 --versionThe output should be similar to
Python 3.11.9
.
-
Use your distribution’s package manager to install Python 3.11. Alternatively, navigate to the Python 3.11 download page, scroll down to the Files section, download the Gzipped source tarball and compile it yourself. See the Python documentation for details.
-
Open a terminal and verify that Python 3.11 is installed by running:
Terminal window python3.11 --versionThe output should be similar to
Python 3.11.9
.
Install the relationalai
Package
Section titled “Install the relationalai Package”Create a new project directory and virtual environment
and use pip
to install the relationalai
package:
mkdir rai-getting-started && cd rai-getting-started
# Create a virtual environment.python -m venv .venv
# Activate the virtual environment..venv\Scripts\activate
# Install the relationalai package.python -m pip install relationalai
mkdir rai-getting-started && cd rai-getting-started
# Create a virtual environment.# NOTE: Replace `python3.11` with `python3.9` or `python3.10`# if you're using a different version.python3.11 -m venv .venv
# Activate the virtual environment.source .venv/bin/activate
# Install the relationalai package.# NOTE: The python command is now the one in your virtual environment, so# you can use it as `python` instead of `python3.11`.python -m pip install relationalai
Set Up Your Snowflake Connection
Section titled “Set Up Your Snowflake Connection”Run rai init
to connect to your Snowflake account and configure your project:
rai init
Follow the interactive prompts to enter your Snowflake credentials and choose the:
- Snowflake role:
Must have
SELECT
privileges on the Snowflake tables you’ll be accessing as well as theeng_admin
andall_schema_all
RAI application roles. - Snowflake warehouse: May be any warehouse.
- RAI native app: The default is
relationalai
, but yours may differ.
Run a Test Query
Section titled “Run a Test Query”Verify that the relationalai
package is installed and working correctly by running the following code:
import relationalai as rai
# Create a model named "MyFirstModel".model = rai.Model("MyFirstModel")
# Send a test query.with model.query() as select: response = select(1 + 1)
# The results are stored as a pandas DataFrame in the response.results attribute.print(response.results)# v# 0 2
Use Direct Access
Section titled “Use Direct Access”By default, Python API calls are routed through Snowflake Service Functions, which adds some extra overhead to every request. Direct Access lets your code connect straight to the RAI Native App’s secure web address, skipping the middleman and making each call much faster—often by about 500ms. This is especially helpful for local development and rapid testing.
You enable direct access by setting use_direct_access = true
in your raiconfig.toml
profile and choosing an authenticator that fits your workflow:
The OAuth Authorization Code authentication method is best for interactive workflows. You’ll log in with your browser when you connect, just like signing in to a website. This is great for local development and testing.
Here’s an example raiconfig.toml
file configured to use OAuth:
[profile.default]platform = "snowflake"use_direct_access = trueauthenticator = "oauth_authorization_code"oauth_client_id = "<OAUTH_CLIENT_ID>"oauth_redirect_uri = "<OAUTH_REDIRECT_URI>" -- e.g. "http://localhost:8001/snowflake/oauth-redirect" (defined in the security integration)
The Programmatic Access Token (PAT) method is best for scripts and automation. You generate a token once and use it in your config—no browser or manual login needed. This is ideal for CI/CD or scheduled jobs.
Here’s an example raiconfig.toml
file configured to use a PAT:
[profile.ci]platform = "snowflake"use_direct_access = trueauthenticator = "programmatic_access_token"token_file_path = "/secure/path/direct_access_token"
The Key-Pair (JWT) method is best for secure, key-managed automation. You use a private key to authenticate, so no passwords or tokens are stored in your config. This is often used in enterprise or production environments.
This method requires generating a public/private key pair and uploading the public key to Snowflake:
-
Generate a private/public key pair locally.
# Generate a private key (omit -nocrypt to encrypt the key).openssl genrsa 2048 | openssl pkcs8 -topk8 -inform PEM -out rsa_key.p8 -nocrypt# Generate the corresponding public key.openssl rsa -in rsa_key.p8 -pubout -out rsa_key.pub -
Register the public key in Snowflake. An admin must then register the public key with the user’s Snowflake account. See Configure Key-Pair (JWT) Authentication for details.
-
Configure your environment. Add the private key (and password, if encrypted) to your
raiconfig.toml
file:raiconfig.toml [profile.service]platform = "snowflake"use_direct_access = trueauthenticator = "snowflake_jwt"private_key_file = "/secure/path/rsa_key.p8"# private_key_file_pwd = "<password>" # only if the key file is encrypted