arize-phoenix 11.38.0__py3-none-any.whl → 12.2.0__py3-none-any.whl

phoenix/server/api/routers/auth.py

@@ -2,7 +2,6 @@ import asyncio
 import secrets
 from datetime import datetime, timedelta, timezone
 from functools import partial
-from pathlib import Path
 from urllib.parse import urlencode, urlparse, urlunparse
 
 from fastapi import APIRouter, Depends, HTTPException, Request, Response
@@ -38,7 +37,6 @@ from phoenix.config import (
     get_base_url,
     get_env_disable_basic_auth,
     get_env_disable_rate_limit,
-    get_env_host_root_path,
 )
 from phoenix.db import models
 from phoenix.server.bearer_auth import PhoenixUser, create_access_and_refresh_tokens
@@ -52,6 +50,7 @@ from phoenix.server.types import (
     TokenStore,
     UserId,
 )
+from phoenix.server.utils import prepend_root_path
 
 rate_limiter = ServerRateLimiter(
     per_second_rate_limit=0.2,
@@ -145,7 +144,8 @@ async def logout(
         user_id = subject
     if user_id:
         await token_store.log_out(user_id)
-    redirect_url = "/logout" if get_env_disable_basic_auth() else "/login"
+    redirect_path = "/logout" if get_env_disable_basic_auth() else "/login"
+    redirect_url = prepend_root_path(request.scope, redirect_path)
     response = Response(status_code=HTTP_302_FOUND, headers={"Location": redirect_url})
     response = delete_access_token_cookie(response)
     response = delete_refresh_token_cookie(response)
@@ -242,9 +242,9 @@ async def initiate_password_reset(request: Request) -> Response:
     )
     token, _ = await token_store.create_password_reset_token(password_reset_token_claims)
     url = urlparse(request.headers.get("referer") or get_base_url())
-    path = Path(get_env_host_root_path()) / "reset-password-with-token"
+    path = prepend_root_path(request.scope, "/reset-password-with-token")
     query_string = urlencode(dict(token=token))
-    components = (url.scheme, url.netloc, path.as_posix(), "", query_string, "")
+    components = (url.scheme, url.netloc, path, "", query_string, "")
     reset_url = urlunparse(components)
     await sender.send_password_reset_email(email, reset_url)
     return Response(status_code=HTTP_204_NO_CONTENT)

phoenix/server/api/routers/oauth2.py

@@ -46,6 +46,7 @@ from phoenix.server.rate_limiters import (
     fastapi_route_rate_limiter,
 )
 from phoenix.server.types import TokenStore
+from phoenix.server.utils import get_root_path, prepend_root_path
 
 _LOWERCASE_ALPHANUMS_AND_UNDERSCORES = r"[a-z0-9_]+"
 
@@ -191,7 +192,7 @@ async def create_tokens(
         access_token_expiry=access_token_expiry,
         refresh_token_expiry=refresh_token_expiry,
     )
-    redirect_path = _prepend_root_path_if_exists(request=request, path=return_url or "/")
+    redirect_path = prepend_root_path(request.scope, return_url or "/")
     response = RedirectResponse(
         url=redirect_path,
         status_code=HTTP_302_FOUND,
@@ -564,8 +565,8 @@ def _redirect_to_login(*, request: Request, error: str) -> RedirectResponse:
     Creates a RedirectResponse to the login page to display an error message.
     """
     # TODO: this needs some cleanup
-    login_path = _prepend_root_path_if_exists(
-        request=request, path="/login" if not get_env_disable_basic_auth() else "/logout"
+    login_path = prepend_root_path(
+        request.scope, "/login" if not get_env_disable_basic_auth() else "/logout"
     )
     url = URL(login_path).include_query_params(error=error)
     response = RedirectResponse(url=url)
@@ -574,34 +575,15 @@ def _redirect_to_login(*, request: Request, error: str) -> RedirectResponse:
     return response
 
 
-def _prepend_root_path_if_exists(*, request: Request, path: str) -> str:
-    """
-    If a root path is configured, prepends it to the input path.
-    """
-    if not path.startswith("/"):
-        raise ValueError("path must start with a forward slash")
-    root_path = _get_root_path(request=request)
-    if root_path.endswith("/"):
-        root_path = root_path.rstrip("/")
-    return root_path + path
-
-
 def _append_root_path_if_exists(*, request: Request, base_url: str) -> str:
     """
     If a root path is configured, appends it to the input base url.
     """
-    if not (root_path := _get_root_path(request=request)):
+    if not (root_path := get_root_path(request.scope)):
         return base_url
     return str(URLPath(root_path).make_absolute_url(base_url=base_url))
 
 
-def _get_root_path(*, request: Request) -> str:
-    """
-    Gets the root path from the request.
-    """
-    return str(request.scope.get("root_path", ""))
-
-
 def _get_create_tokens_endpoint(*, request: Request, origin_url: str, idp_name: str) -> str:
     """
     Gets the endpoint for create tokens route.

phoenix/server/api/routers/v1/__init__.py

@@ -14,6 +14,7 @@ from .experiment_runs import router as experiment_runs_router
 from .experiments import router as experiments_router
 from .projects import router as projects_router
 from .prompts import router as prompts_router
+from .sessions import router as sessions_router
 from .spans import router as spans_router
 from .traces import router as traces_router
 from .users import router as users_router
@@ -71,6 +72,7 @@ def create_v1_router(authentication_enabled: bool) -> APIRouter:
     router.include_router(evaluations_router)
     router.include_router(prompts_router)
     router.include_router(projects_router)
+    router.include_router(sessions_router)
     router.include_router(documents_router)
     router.include_router(users_router)
     return router

phoenix/server/api/routers/v1/annotations.py

@@ -14,6 +14,9 @@ from strawberry.relay import GlobalID
 from phoenix.db import models
 from phoenix.db.insertion.types import Precursors
 from phoenix.server.api.routers.v1.models import V1RoutesBaseModel
+from phoenix.server.api.types.ProjectSessionAnnotation import (
+    ProjectSessionAnnotation as SessionAnnotationNodeType,
+)
 from phoenix.server.api.types.SpanAnnotation import SpanAnnotation as SpanAnnotationNodeType
 from phoenix.server.api.types.TraceAnnotation import TraceAnnotation as TraceAnnotationNodeType
 from phoenix.server.api.types.User import User as UserNodeType
@@ -24,6 +27,7 @@ logger = logging.getLogger(__name__)
 
 SPAN_ANNOTATION_NODE_NAME = SpanAnnotationNodeType.__name__
 TRACE_ANNOTATION_NODE_NAME = TraceAnnotationNodeType.__name__
+SESSION_ANNOTATION_NODE_NAME = SessionAnnotationNodeType.__name__
 MAX_TRACE_IDS = 1_000
 USER_NODE_NAME = UserNodeType.__name__
 MAX_SPAN_IDS = 1_000
@@ -161,6 +165,35 @@ class TraceAnnotationsResponseBody(PaginatedResponseBody[TraceAnnotation]):
     pass
 
 
+class SessionAnnotationData(AnnotationData):
+    session_id: str = Field(description="Session ID")
+
+    def as_precursor(self, *, user_id: Optional[int] = None) -> Precursors.SessionAnnotation:
+        return Precursors.SessionAnnotation(
+            datetime.now(timezone.utc),
+            self.session_id,
+            models.ProjectSessionAnnotation(
+                name=self.name,
+                annotator_kind=self.annotator_kind,
+                score=self.result.score if self.result else None,
+                label=self.result.label if self.result else None,
+                explanation=self.result.explanation if self.result else None,
+                metadata_=self.metadata or {},
+                identifier=self.identifier,
+                source="API",
+                user_id=user_id,
+            ),
+        )
+
+
+class SessionAnnotation(SessionAnnotationData, Annotation):
+    pass
+
+
+class SessionAnnotationsResponseBody(PaginatedResponseBody[SessionAnnotation]):
+    pass
+
+
 @router.get(
     "/projects/{project_identifier}/span_annotations",
     operation_id="listSpanAnnotationsBySpanIds",
@@ -304,3 +337,290 @@ async def list_span_annotations(
         ]
 
     return SpanAnnotationsResponseBody(data=data, next_cursor=next_cursor)
+
+
+@router.get(
+    "/projects/{project_identifier}/trace_annotations",
+    operation_id="listTraceAnnotationsByTraceIds",
+    summary="Get trace annotations for a list of trace_ids.",
+    status_code=HTTP_200_OK,
+    responses=add_errors_to_responses(
+        [
+            {"status_code": HTTP_404_NOT_FOUND, "description": "Project or traces not found"},
+            {"status_code": HTTP_422_UNPROCESSABLE_ENTITY, "description": "Invalid parameters"},
+        ]
+    ),
+)
+async def list_trace_annotations(
+    request: Request,
+    project_identifier: str = Path(
+        description=(
+            "The project identifier: either project ID or project name. If using a project name as "
+            "the identifier, it cannot contain slash (/), question mark (?), or pound sign (#) "
+            "characters."
+        )
+    ),
+    trace_ids: list[str] = Query(
+        ..., min_length=1, description="One or more trace id to fetch annotations for"
+    ),
+    include_annotation_names: Optional[list[str]] = Query(
+        default=None,
+        description=(
+            "Optional list of annotation names to include. If provided, only annotations with "
+            "these names will be returned. 'note' annotations are excluded by default unless "
+            "explicitly included in this list."
+        ),
+    ),
+    exclude_annotation_names: Optional[list[str]] = Query(
+        default=None, description="Optional list of annotation names to exclude from results."
+    ),
+    cursor: Optional[str] = Query(default=None, description="A cursor for pagination"),
+    limit: int = Query(
+        default=10,
+        gt=0,
+        le=10000,
+        description="The maximum number of annotations to return in a single request",
+    ),
+) -> TraceAnnotationsResponseBody:
+    trace_ids = list({*trace_ids})
+    if len(trace_ids) > MAX_TRACE_IDS:
+        raise HTTPException(
+            status_code=HTTP_422_UNPROCESSABLE_ENTITY,
+            detail=f"Too many trace_ids supplied: {len(trace_ids)} (max {MAX_TRACE_IDS})",
+        )
+
+    async with request.app.state.db() as session:
+        project = await _get_project_by_identifier(session, project_identifier)
+        if not project:
+            raise HTTPException(
+                status_code=HTTP_404_NOT_FOUND,
+                detail=f"Project with identifier {project_identifier} not found",
+            )
+
+        # Build the base query
+        where_conditions = [
+            models.Project.id == project.id,
+            models.Trace.trace_id.in_(trace_ids),
+        ]
+
+        # Add annotation name filtering
+        if include_annotation_names:
+            where_conditions.append(models.TraceAnnotation.name.in_(include_annotation_names))
+
+        if exclude_annotation_names:
+            where_conditions.append(models.TraceAnnotation.name.not_in(exclude_annotation_names))
+
+        stmt = (
+            select(models.Trace.trace_id, models.TraceAnnotation)
+            .join(models.Project, models.Trace.project_rowid == models.Project.id)
+            .join(models.TraceAnnotation, models.TraceAnnotation.trace_rowid == models.Trace.id)
+            .where(*where_conditions)
+            .order_by(models.TraceAnnotation.id.desc())
+            .limit(limit + 1)
+        )
+
+        if cursor:
+            try:
+                cursor_id = int(GlobalID.from_id(cursor).node_id)
+            except ValueError:
+                raise HTTPException(
+                    status_code=HTTP_422_UNPROCESSABLE_ENTITY,
+                    detail="Invalid cursor value",
+                )
+            stmt = stmt.where(models.TraceAnnotation.id <= cursor_id)
+
+        rows: list[tuple[str, models.TraceAnnotation]] = [
+            r async for r in (await session.stream(stmt))
+        ]
+
+        next_cursor: Optional[str] = None
+        if len(rows) == limit + 1:
+            *rows, extra = rows
+            next_cursor = str(GlobalID(TRACE_ANNOTATION_NODE_NAME, str(extra[1].id)))
+
+        if not rows:
+            traces_exist = await session.scalar(
+                select(
+                    exists().where(
+                        models.Trace.trace_id.in_(trace_ids),
+                        models.Trace.project_rowid == project.id,
+                    )
+                )
+            )
+            if not traces_exist:
+                raise HTTPException(
+                    detail="None of the supplied trace_ids exist in this project",
+                    status_code=HTTP_404_NOT_FOUND,
+                )
+
+            return TraceAnnotationsResponseBody(data=[], next_cursor=None)
+
+        data = [
+            TraceAnnotation(
+                id=str(GlobalID(TRACE_ANNOTATION_NODE_NAME, str(anno.id))),
+                trace_id=trace_id,
+                name=anno.name,
+                result=AnnotationResult(
+                    label=anno.label,
+                    score=anno.score,
+                    explanation=anno.explanation,
+                ),
+                metadata=anno.metadata_,
+                annotator_kind=anno.annotator_kind,
+                created_at=anno.created_at,
+                updated_at=anno.updated_at,
+                identifier=anno.identifier,
+                source=anno.source,
+                user_id=str(GlobalID("User", str(anno.user_id))) if anno.user_id else None,
+            )
+            for trace_id, anno in rows
+        ]
+
+    return TraceAnnotationsResponseBody(data=data, next_cursor=next_cursor)
+
+
+@router.get(
+    "/projects/{project_identifier}/session_annotations",
+    operation_id="listSessionAnnotationsBySessionIds",
+    summary="Get session annotations for a list of session_ids.",
+    status_code=HTTP_200_OK,
+    responses=add_errors_to_responses(
+        [
+            {"status_code": HTTP_404_NOT_FOUND, "description": "Project or sessions not found"},
+            {"status_code": HTTP_422_UNPROCESSABLE_ENTITY, "description": "Invalid parameters"},
+        ]
+    ),
+)
+async def list_session_annotations(
+    request: Request,
+    project_identifier: str = Path(
+        description=(
+            "The project identifier: either project ID or project name. If using a project name as "
+            "the identifier, it cannot contain slash (/), question mark (?), or pound sign (#) "
+            "characters."
+        )
+    ),
+    session_ids: list[str] = Query(
+        ..., min_length=1, description="One or more session id to fetch annotations for"
+    ),
+    include_annotation_names: Optional[list[str]] = Query(
+        default=None,
+        description=(
+            "Optional list of annotation names to include. If provided, only annotations with "
+            "these names will be returned. 'note' annotations are excluded by default unless "
+            "explicitly included in this list."
+        ),
+    ),
+    exclude_annotation_names: Optional[list[str]] = Query(
+        default=None, description="Optional list of annotation names to exclude from results."
+    ),
+    cursor: Optional[str] = Query(default=None, description="A cursor for pagination"),
+    limit: int = Query(
+        default=10,
+        gt=0,
+        le=10000,
+        description="The maximum number of annotations to return in a single request",
+    ),
+) -> SessionAnnotationsResponseBody:
+    session_ids = list({*session_ids})
+    if len(session_ids) > MAX_SESSION_IDS:
+        raise HTTPException(
+            status_code=HTTP_422_UNPROCESSABLE_ENTITY,
+            detail=f"Too many session_ids supplied: {len(session_ids)} (max {MAX_SESSION_IDS})",
+        )
+
+    async with request.app.state.db() as session:
+        project = await _get_project_by_identifier(session, project_identifier)
+        if not project:
+            raise HTTPException(
+                status_code=HTTP_404_NOT_FOUND,
+                detail=f"Project with identifier {project_identifier} not found",
+            )
+
+        # Build the base query
+        where_conditions = [
+            models.Project.id == project.id,
+            models.ProjectSession.session_id.in_(session_ids),
+        ]
+
+        # Add annotation name filtering
+        if include_annotation_names:
+            where_conditions.append(
+                models.ProjectSessionAnnotation.name.in_(include_annotation_names)
+            )
+
+        if exclude_annotation_names:
+            where_conditions.append(
+                models.ProjectSessionAnnotation.name.not_in(exclude_annotation_names)
+            )
+
+        stmt = (
+            select(models.ProjectSession.session_id, models.ProjectSessionAnnotation)
+            .join(models.Project, models.ProjectSession.project_id == models.Project.id)
+            .join(
+                models.ProjectSessionAnnotation,
+                models.ProjectSessionAnnotation.project_session_id == models.ProjectSession.id,
+            )
+            .where(*where_conditions)
+            .order_by(models.ProjectSessionAnnotation.id.desc())
+            .limit(limit + 1)
+        )
+
+        if cursor:
+            try:
+                cursor_id = int(GlobalID.from_id(cursor).node_id)
+            except ValueError:
+                raise HTTPException(
+                    status_code=HTTP_422_UNPROCESSABLE_ENTITY,
+                    detail="Invalid cursor value",
+                )
+            stmt = stmt.where(models.ProjectSessionAnnotation.id <= cursor_id)
+
+        rows: list[tuple[str, models.ProjectSessionAnnotation]] = [
+            r async for r in (await session.stream(stmt))
+        ]
+
+        next_cursor: Optional[str] = None
+        if len(rows) == limit + 1:
+            *rows, extra = rows
+            next_cursor = str(GlobalID(SESSION_ANNOTATION_NODE_NAME, str(extra[1].id)))
+
+        if not rows:
+            sessions_exist = await session.scalar(
+                select(
+                    exists().where(
+                        models.ProjectSession.session_id.in_(session_ids),
+                        models.ProjectSession.project_id == project.id,
+                    )
+                )
+            )
+            if not sessions_exist:
+                raise HTTPException(
+                    detail="None of the supplied session_ids exist in this project",
+                    status_code=HTTP_404_NOT_FOUND,
+                )
+
+            return SessionAnnotationsResponseBody(data=[], next_cursor=None)
+
+        data = [
+            SessionAnnotation(
+                id=str(GlobalID(SESSION_ANNOTATION_NODE_NAME, str(anno.id))),
+                session_id=session_id,
+                name=anno.name,
+                result=AnnotationResult(
+                    label=anno.label,
+                    score=anno.score,
+                    explanation=anno.explanation,
+                ),
+                metadata=anno.metadata_,
+                annotator_kind=anno.annotator_kind,
+                created_at=anno.created_at,
+                updated_at=anno.updated_at,
+                identifier=anno.identifier,
+                source=anno.source,
+                user_id=str(GlobalID(USER_NODE_NAME, str(anno.user_id))) if anno.user_id else None,
+            )
+            for session_id, anno in rows
+        ]
+
+    return SessionAnnotationsResponseBody(data=data, next_cursor=next_cursor)

phoenix/server/api/routers/v1/datasets.py

@@ -48,6 +48,7 @@ from phoenix.server.api.types.DatasetVersion import DatasetVersion as DatasetVer
 from phoenix.server.api.types.node import from_global_id_with_expected_type
 from phoenix.server.api.utils import delete_projects, delete_traces
 from phoenix.server.authorization import is_not_locked
+from phoenix.server.bearer_auth import PhoenixUser
 from phoenix.server.dml_event import DatasetInsertEvent
 
 from .models import V1RoutesBaseModel
@@ -478,6 +479,9 @@ async def upload_dataset(
             detail="Invalid request Content-Type",
             status_code=HTTP_422_UNPROCESSABLE_ENTITY,
         )
+    user_id: Optional[int] = None
+    if request.app.state.authentication_enabled and isinstance(request.user, PhoenixUser):
+        user_id = int(request.user.identity)
     operation = cast(
         Callable[[AsyncSession], Awaitable[DatasetExampleAdditionEvent]],
         partial(
@@ -486,6 +490,7 @@ async def upload_dataset(
             action=action,
             name=name,
             description=description,
+            user_id=user_id,
         ),
     )
     if sync:

phoenix/server/api/routers/v1/experiments.py

@@ -15,10 +15,14 @@ from starlette.status import HTTP_200_OK, HTTP_404_NOT_FOUND, HTTP_422_UNPROCESS
 from strawberry.relay import GlobalID
 
 from phoenix.db import models
-from phoenix.db.helpers import SupportedSQLDialect
+from phoenix.db.helpers import (
+    SupportedSQLDialect,
+    insert_experiment_with_examples_snapshot,
+)
 from phoenix.db.insertion.helpers import insert_on_conflict
 from phoenix.server.api.types.node import from_global_id_with_expected_type
 from phoenix.server.authorization import is_not_locked
+from phoenix.server.bearer_auth import PhoenixUser
 from phoenix.server.dml_event import ExperimentInsertEvent
 from phoenix.server.experiments.utils import generate_experiment_project_name
 
@@ -157,6 +161,9 @@ async def create_experiment(
                     detail=f"DatasetVersion with ID {dataset_version_globalid} does not exist",
                     status_code=HTTP_404_NOT_FOUND,
                 )
+        user_id: Optional[int] = None
+        if request.app.state.authentication_enabled and isinstance(request.user, PhoenixUser):
+            user_id = int(request.user.identity)
 
         # generate a semi-unique name for the experiment
         experiment_name = request_body.name or _generate_experiment_name(dataset_name)
@@ -172,9 +179,9 @@ async def create_experiment(
             repetitions=request_body.repetitions,
             metadata_=request_body.metadata or {},
             project_name=project_name,
+            user_id=user_id,
         )
-        session.add(experiment)
-        await session.flush()
+        await insert_experiment_with_examples_snapshot(session, experiment)
 
         dialect = SupportedSQLDialect(session.bind.dialect.name)
         project_rowid = await session.scalar(

phoenix/server/api/routers/v1/sessions.py

@@ -0,0 +1,111 @@
+from __future__ import annotations
+
+import warnings
+from typing import Optional
+
+from fastapi import APIRouter, Depends, HTTPException, Query
+from pydantic import Field
+from sqlalchemy import select
+from starlette.requests import Request
+from starlette.status import HTTP_404_NOT_FOUND
+
+from phoenix.db import models
+from phoenix.db.helpers import SupportedSQLDialect
+from phoenix.db.insertion.helpers import as_kv, insert_on_conflict
+from phoenix.server.api.routers.v1.models import V1RoutesBaseModel
+from phoenix.server.authorization import is_not_locked
+from phoenix.server.bearer_auth import PhoenixUser
+
+from .annotations import SessionAnnotationData
+from .utils import RequestBody, ResponseBody, add_errors_to_responses
+
+router = APIRouter(tags=["sessions"])
+
+
+class InsertedSessionAnnotation(V1RoutesBaseModel):
+    id: str = Field(description="The ID of the inserted session annotation")
+
+
+class AnnotateSessionsRequestBody(RequestBody[list[SessionAnnotationData]]):
+    pass
+
+
+class AnnotateSessionsResponseBody(ResponseBody[list[InsertedSessionAnnotation]]):
+    pass
+
+
+@router.post(
+    "/session_annotations",
+    dependencies=[Depends(is_not_locked)],
+    operation_id="annotateSessions",
+    summary="Create session annotations",
+    responses=add_errors_to_responses(
+        [{"status_code": HTTP_404_NOT_FOUND, "description": "Session not found"}]
+    ),
+    response_description="Session annotations inserted successfully",
+    include_in_schema=True,
+)
+async def annotate_sessions(
+    request: Request,
+    request_body: AnnotateSessionsRequestBody,
+    sync: bool = Query(default=False, description="If true, fulfill request synchronously."),
+) -> AnnotateSessionsResponseBody:
+    if not request_body.data:
+        return AnnotateSessionsResponseBody(data=[])
+
+    user_id: Optional[int] = None
+    if request.app.state.authentication_enabled and isinstance(request.user, PhoenixUser):
+        user_id = int(request.user.identity)
+
+    session_annotations = request_body.data
+    filtered_session_annotations = list(filter(lambda d: d.name != "note", session_annotations))
+    if len(filtered_session_annotations) != len(session_annotations):
+        warnings.warn(
+            (
+                "Session annotations with the name 'note' are not supported in this endpoint. "
+                "They will be ignored."
+            ),
+            UserWarning,
+        )
+    precursors = [d.as_precursor(user_id=user_id) for d in filtered_session_annotations]
+    if not sync:
+        await request.state.enqueue_annotations(*precursors)
+        return AnnotateSessionsResponseBody(data=[])
+
+    session_ids = {p.session_id for p in precursors}
+    async with request.app.state.db() as session:
+        existing_sessions = {
+            session_id: rowid
+            async for session_id, rowid in await session.stream(
+                select(models.ProjectSession.session_id, models.ProjectSession.id).filter(
+                    models.ProjectSession.session_id.in_(session_ids)
+                )
+            )
+        }
+
+    missing_session_ids = session_ids - set(existing_sessions.keys())
+    # We prefer to fail the entire operation if there are missing sessions in sync mode
+    if missing_session_ids:
+        raise HTTPException(
+            detail=f"Sessions with IDs {', '.join(missing_session_ids)} do not exist.",
+            status_code=HTTP_404_NOT_FOUND,
+        )
+
+    async with request.app.state.db() as session:
+        inserted_ids = []
+        dialect = SupportedSQLDialect(session.bind.dialect.name)
+        for p in precursors:
+            values = dict(as_kv(p.as_insertable(existing_sessions[p.session_id]).row))
+            session_annotation_id = await session.scalar(
+                insert_on_conflict(
+                    values,
+                    dialect=dialect,
+                    table=models.ProjectSessionAnnotation,
+                    unique_by=("name", "project_session_id", "identifier"),
+                ).returning(models.ProjectSessionAnnotation.id)
+            )
+            inserted_ids.append(session_annotation_id)
+
+    return AnnotateSessionsResponseBody(
+        data=[InsertedSessionAnnotation(id=str(inserted_id)) for inserted_id in inserted_ids]
+    )

phoenix/server/api/routers/v1/traces.py

@@ -144,12 +144,11 @@ class AnnotateTracesResponseBody(ResponseBody[list[InsertedTraceAnnotation]]):
     responses=add_errors_to_responses(
         [{"status_code": HTTP_404_NOT_FOUND, "description": "Trace not found"}]
     ),
-    include_in_schema=False,
 )
 async def annotate_traces(
     request: Request,
     request_body: AnnotateTracesRequestBody,
-    sync: bool = Query(default=True, description="If true, fulfill request synchronously."),
+    sync: bool = Query(default=False, description="If true, fulfill request synchronously."),
 ) -> AnnotateTracesResponseBody:
     if not request_body.data:
         return AnnotateTracesResponseBody(data=[])

phoenix/server/api/routers/v1/users.py

@@ -217,6 +217,13 @@ async def create_user(
             detail="Cannot create users with SYSTEM role",
         )
 
+    # TODO: Implement VIEWER role
+    if role == "VIEWER":
+        raise HTTPException(
+            status_code=HTTP_400_BAD_REQUEST,
+            detail="VIEWER role not yet implemented",
+        )
+
     user: models.User
     if isinstance(user_data, LocalUserData):
         password = (user_data.password or secrets.token_hex()).strip()