ibm-watsonx-orchestrate 1.10.0b0__py3-none-any.whl → 1.10.1__py3-none-any.whl

ibm_watsonx_orchestrate/cli/commands/connections/connections_controller.py

@@ -19,15 +19,18 @@ from ibm_watsonx_orchestrate.agent_builder.connections.types import (
     BasicAuthCredentials,
     BearerTokenAuthCredentials,
     APIKeyAuthCredentials,
-    # OAuth2AuthCodeCredentials,
+    OAuth2AuthCodeCredentials,
     OAuth2ClientCredentials,
     # OAuth2ImplicitCredentials,
-    # OAuth2PasswordCredentials,
+    OAuth2PasswordCredentials,
     OAuthOnBehalfOfCredentials,
     KeyValueConnectionCredentials,
     CREDENTIALS,
     IdentityProviderCredentials,
-    OAUTH_CONNECTION_TYPES, OAuth2AuthCodeCredentials
+    OAUTH_CONNECTION_TYPES,
+    ConnectionCredentialsEntryLocation,
+    ConnectionCredentialsEntry,
+    ConnectionCredentialsCustomFields
 
 )
 
@@ -115,7 +118,7 @@ def _format_token_headers(header_list: List) -> dict:
 
 def _validate_connection_params(type: ConnectionType, **args) -> None:
 
-    if type == ConnectionType.BASIC_AUTH and (
+    if type in {ConnectionType.BASIC_AUTH, ConnectionType.OAUTH2_PASSWORD} and (
             args.get('username') is None or args.get('password') is None
     ):
         raise typer.BadParameter(
@@ -136,7 +139,7 @@ def _validate_connection_params(type: ConnectionType, **args) -> None:
             f"Missing flags --api-key is required for type {type}"
         )
 
-    if type in {ConnectionType.OAUTH2_CLIENT_CREDS, ConnectionType.OAUTH2_AUTH_CODE} and args.get('client_secret') is None:
+    if type in {ConnectionType.OAUTH2_CLIENT_CREDS, ConnectionType.OAUTH2_AUTH_CODE, ConnectionType.OAUTH2_PASSWORD} and args.get('client_secret') is None:
         raise typer.BadParameter(
             f"Missing flags --client-secret is required for type {type}"
         )
@@ -146,14 +149,14 @@ def _validate_connection_params(type: ConnectionType, **args) -> None:
             f"Missing flags --auth-url is required for type {type}"
         )
 
-    if type in {ConnectionType.OAUTH_ON_BEHALF_OF_FLOW, ConnectionType.OAUTH2_CLIENT_CREDS, ConnectionType.OAUTH2_AUTH_CODE} and (
+    if type in {ConnectionType.OAUTH_ON_BEHALF_OF_FLOW, ConnectionType.OAUTH2_CLIENT_CREDS, ConnectionType.OAUTH2_AUTH_CODE, ConnectionType.OAUTH2_PASSWORD} and (
             args.get('client_id') is None
     ):
         raise typer.BadParameter(
             f"Missing flags --client-id is required for type {type}"
         )
     
-    if type in {ConnectionType.OAUTH_ON_BEHALF_OF_FLOW, ConnectionType.OAUTH2_CLIENT_CREDS, ConnectionType.OAUTH2_AUTH_CODE} and (
+    if type in {ConnectionType.OAUTH_ON_BEHALF_OF_FLOW, ConnectionType.OAUTH2_CLIENT_CREDS, ConnectionType.OAUTH2_AUTH_CODE, ConnectionType.OAUTH2_PASSWORD} and (
             args.get('token_url') is None
     ):
         raise typer.BadParameter(
@@ -167,6 +170,13 @@ def _validate_connection_params(type: ConnectionType, **args) -> None:
             f"Missing flags --grant-type is required for type {type}"
         )
     
+    if type != ConnectionType.OAUTH2_AUTH_CODE and (
+        args.get('auth_entries')
+    ):
+        raise typer.BadParameter(
+            f"The flag --auth-entries is only supported by type {type}"
+        )
+    
 
 def _parse_entry(entry: str) -> dict[str,str]:
     split_entry = entry.split('=', 1)
@@ -176,6 +186,19 @@ def _parse_entry(entry: str) -> dict[str,str]:
         exit(1)
     return {split_entry[0]: split_entry[1]}
 
+def _get_oauth_custom_fields(token_entries: List[ConnectionCredentialsEntry] | None, auth_entries: List[ConnectionCredentialsEntry] | None) -> dict:
+    custom_fields = ConnectionCredentialsCustomFields()
+
+    if token_entries:
+        for entry in token_entries:
+            custom_fields.add_field(entry, is_token=True)
+    
+    if auth_entries:
+        for entry in auth_entries:
+            custom_fields.add_field(entry, is_token=False)
+    
+    return custom_fields.model_dump(exclude_none=True)
+
 def _get_credentials(type: ConnectionType, **kwargs):
     match type:
         case ConnectionType.BASIC_AUTH:
@@ -192,35 +215,39 @@ def _get_credentials(type: ConnectionType, **kwargs):
                 api_key=kwargs.get("api_key")
             )
         case ConnectionType.OAUTH2_AUTH_CODE:
+            custom_fields = _get_oauth_custom_fields(kwargs.get("token_entries"), kwargs.get("auth_entries"))
             return OAuth2AuthCodeCredentials(
                 authorization_url=kwargs.get("auth_url"),
                 client_id=kwargs.get("client_id"),
                 client_secret=kwargs.get("client_secret"),
                 token_url=kwargs.get("token_url"),
-                scope=kwargs.get("scope")
+                scope=kwargs.get("scope"),
+                **custom_fields
             )
         case ConnectionType.OAUTH2_CLIENT_CREDS:
             # using filtered args as default values will not be set if 'None' is passed, causing validation errors
             keys = ["client_id","client_secret","token_url","grant_type","send_via", "scope"]
             filtered_args = { key_name: kwargs[key_name] for key_name in keys if kwargs.get(key_name) }
-            return OAuth2ClientCredentials(**filtered_args)
+            custom_fields = _get_oauth_custom_fields(kwargs.get("token_entries"), kwargs.get("auth_entries"))
+            return OAuth2ClientCredentials(**filtered_args, **custom_fields)
         # case ConnectionType.OAUTH2_IMPLICIT:
         #     return OAuth2ImplicitCredentials(
         #         authorization_url=kwargs.get("auth_url"),
         #         client_id=kwargs.get("client_id"),
         #     )
-        # case ConnectionType.OAUTH2_PASSWORD:
-        #     return OAuth2PasswordCredentials(
-        #         authorization_url=kwargs.get("auth_url"),
-        #         client_id=kwargs.get("client_id"),
-        #         client_secret=kwargs.get("client_secret"),
-        #         token_url=kwargs.get("token_url")
-        #     )
+        case ConnectionType.OAUTH2_PASSWORD:
+            keys = ["username", "password", "client_id","client_secret","token_url","grant_type", "scope"]
+            filtered_args = { key_name: kwargs[key_name] for key_name in keys if kwargs.get(key_name) }
+            custom_fields = _get_oauth_custom_fields(kwargs.get("token_entries"), kwargs.get("auth_entries"))
+            return OAuth2PasswordCredentials(**filtered_args, **custom_fields)
+        
         case ConnectionType.OAUTH_ON_BEHALF_OF_FLOW:
+            custom_fields = _get_oauth_custom_fields(kwargs.get("token_entries"), kwargs.get("auth_entries"))
             return OAuthOnBehalfOfCredentials(
                 client_id=kwargs.get("client_id"),
                 access_token_url=kwargs.get("token_url"),
-                grant_type=kwargs.get("grant_type")
+                grant_type=kwargs.get("grant_type"),
+                **custom_fields
             )
         case ConnectionType.KEY_VALUE:
             env = {}
@@ -233,6 +260,23 @@ def _get_credentials(type: ConnectionType, **kwargs):
         case _:
             raise ValueError(f"Invalid type '{type}' selected")
 
+def _connection_credentials_parse_entry(text: str, default_location: ConnectionCredentialsEntryLocation) -> ConnectionCredentialsEntry:
+    location_kv_pair = text.split(":", 1)
+    key_value = location_kv_pair[-1]
+    location = location_kv_pair[0] if len(location_kv_pair)>1 else default_location
+
+    valid_locations = [item.value for item in ConnectionCredentialsEntryLocation]
+    if location not in valid_locations:
+        raise typer.BadParameter(f"The provided location '{location}' is not in the allowed values {valid_locations}.")
+
+    key_value_pair = key_value.split('=', 1)
+    if len(key_value_pair) != 2:
+        message = f"The entry '{text}' is not in the expected form '<location>:<key>=<value>' or '<key>=<value>'"
+        raise typer.BadParameter(message)
+    key, value = key_value_pair[0], key_value_pair[1]
+    
+    return ConnectionCredentialsEntry(key=key, value=value, location=location)
+    
 
 def add_configuration(config: ConnectionConfiguration) -> None:
     client = get_connections_client()
@@ -283,25 +327,24 @@ def add_configuration(config: ConnectionConfiguration) -> None:
         logger.error(response_text)
         exit(1)
 
-def add_credentials(app_id: str, environment: ConnectionEnvironment, use_app_credentials: bool, credentials: CREDENTIALS) -> None:
+def add_credentials(app_id: str, environment: ConnectionEnvironment, use_app_credentials: bool, credentials: CREDENTIALS, payload: dict = None) -> None:
     client = get_connections_client()
     try:
         existing_credentials = client.get_credentials(app_id=app_id, env=environment, use_app_credentials=use_app_credentials)
-        if use_app_credentials:
-            payload = {
-                "app_credentials": credentials.model_dump(exclude_none=True)
-            }
-        else:
-            payload = {
-                "runtime_credentials": credentials.model_dump(exclude_none=True)
-            }
+        if not payload:
+            if use_app_credentials:
+                payload = {
+                    "app_credentials": credentials.model_dump(exclude_none=True)
+                }
+            else:
+                payload = {
+                    "runtime_credentials": credentials.model_dump(exclude_none=True)
+                }
         
-        logger.info(f"Setting credentials for environment '{environment}' on connection '{app_id}'")
         if existing_credentials:
             client.update_credentials(app_id=app_id, env=environment, use_app_credentials=use_app_credentials, payload=payload)
         else:
             client.create_credentials(app_id=app_id,env=environment, use_app_credentials=use_app_credentials, payload=payload)
-        logger.info(f"Credentials successfully set for '{environment}' environment of connection '{app_id}'")
     except requests.HTTPError as e:
         response = e.response
         response_text = response.text
@@ -489,7 +532,20 @@ def set_credentials_connection(
     _validate_connection_params(type=conn_type, **kwargs)
     credentials = _get_credentials(type=conn_type, **kwargs)
 
-    add_credentials(app_id=app_id, environment=environment, use_app_credentials=use_app_credentials, credentials=credentials)
+    # Special handling for oauth2 password flow as it sends both app_creds and runtime_creds
+    logger.info(f"Setting credentials for environment '{environment}' on connection '{app_id}'")
+    if conn_type == ConnectionType.OAUTH2_PASSWORD:
+        credentials_model = credentials.model_dump(exclude_none=True)
+        runtime_cred_keys = {"username", "password"}
+        app_creds = {"app_credentials": {k: credentials_model[k] for k in credentials_model if k not in runtime_cred_keys}}
+        runtime_creds = {"runtime_credentials": {k: credentials_model[k] for k in credentials_model if k in runtime_cred_keys}}
+
+        add_credentials(app_id=app_id, environment=environment, use_app_credentials=True, credentials=credentials, payload=app_creds)
+        add_credentials(app_id=app_id, environment=environment, use_app_credentials=False, credentials=credentials, payload=runtime_creds)
+    else:
+        add_credentials(app_id=app_id, environment=environment, use_app_credentials=use_app_credentials, credentials=credentials)
+    
+    logger.info(f"Credentials successfully set for '{environment}' environment of connection '{app_id}'")
 
 def set_identity_provider_connection(
     app_id: str,
@@ -514,5 +570,15 @@ def set_identity_provider_connection(
         logger.error(f"Cannot set Identity Provider when 'sso' is false in configuration. Please enable sso for connection '{app_id}' in environment '{environment}' and try again.")
         sys.exit(1)
 
-    idp = IdentityProviderCredentials.model_validate(kwargs)
+    custom_fields = _get_oauth_custom_fields(token_entries=kwargs.get("token_entries"), auth_entries=None)
+    idp = IdentityProviderCredentials(**kwargs, **custom_fields)
     add_identity_provider(app_id=app_id, environment=environment, idp=idp)
+
+def token_entry_connection_credentials_parse(text: str) -> ConnectionCredentialsEntry:
+    return _connection_credentials_parse_entry(text=text, default_location=ConnectionCredentialsEntryLocation.HEADER)
+    
+def auth_entry_connection_credentials_parse(text: str) -> ConnectionCredentialsEntry:
+    entry = _connection_credentials_parse_entry(text=text, default_location=ConnectionCredentialsEntryLocation.QUERY)
+    if entry.location != ConnectionCredentialsEntryLocation.QUERY:
+        raise typer.BadParameter(f"Only location '{ConnectionCredentialsEntryLocation.QUERY}' is supported for --auth-entry")
+    return entry

ibm_watsonx_orchestrate/cli/commands/knowledge_bases/knowledge_bases_controller.py

@@ -13,6 +13,7 @@ from ibm_watsonx_orchestrate.client.knowledge_bases.knowledge_base_client import
 from ibm_watsonx_orchestrate.client.base_api_client import ClientAPIException
 from ibm_watsonx_orchestrate.client.connections import get_connections_client
 from ibm_watsonx_orchestrate.client.utils import instantiate_client
+from ibm_watsonx_orchestrate.agent_builder.knowledge_bases.types import FileUpload
 
 logger = logging.getLogger(__name__)
 
@@ -43,7 +44,8 @@ def parse_file(file: str) -> List[KnowledgeBase]:
 def to_column_name(col: str):
     return " ".join([word.capitalize() if not word[0].isupper() else word for word in col.split("_")])
 
-def get_file_name(path: str):
+def get_file_name(file: str | FileUpload):
+    path = file.path if isinstance(file, FileUpload) else file
     # This name prettifying currently screws up file type detection on ingestion
     # return to_column_name(path.split("/")[-1].split(".")[0]) 
     return path.split("/")[-1]
@@ -55,7 +57,11 @@ def get_relative_file_path(path, dir):
         return f"{dir}{path.removeprefix('.')}"
     else:
         return f"{dir}/{path}"
-
+    
+def build_file_object(file_dir: str, file: str | FileUpload):
+    if isinstance(file, FileUpload):
+        return ('files', (get_file_name(file.path), open(get_relative_file_path(file.path, file_dir), 'rb')))
+    return ('files', (get_file_name(file), open(get_relative_file_path(file, file_dir), 'rb')))
 
 class KnowledgeBaseController:
     def __init__(self):
@@ -101,13 +107,19 @@ class KnowledgeBaseController:
 
                 kb.validate_documents_or_index_exists()
                 if kb.documents:
-                    files = [('files', (get_file_name(file_path), open(get_relative_file_path(file_path, file_dir), 'rb'))) for file_path in kb.documents]
+                    files = [build_file_object(file_dir, file) for file in kb.documents]
+                    file_urls = { get_file_name(file): file.url for file in kb.documents if isinstance(file, FileUpload) and file.url }
                     
                     kb.prioritize_built_in_index = True
                     payload = kb.model_dump(exclude_none=True);
                     payload.pop('documents');
 
-                    client.create_built_in(payload=payload, files=files)
+                    data = {
+                        'knowledge_base': json.dumps(payload),
+                        'file_urls': json.dumps(file_urls)
+                    }
+
+                    client.create_built_in(payload=data, files=files)
                 else:
                     if len(kb.conversational_search_tool.index_config) != 1:
                         raise ValueError(f"Must provide exactly one conversational_search_tool.index_config. Provided {len(kb.conversational_search_tool.index_config)}.")
@@ -118,7 +130,9 @@ class KnowledgeBaseController:
                         raise ValueError(f"Must provide credentials (via --app-id) when using milvus or elastic_search.")
 
                     kb.prioritize_built_in_index = False
-                    client.create(payload=kb.model_dump(exclude_none=True))
+                    data = { 'knowledge_base': json.dumps(kb.model_dump(exclude_none=True)) }
+
+                    client.create(payload=data)
                 
                 logger.info(f"Successfully imported knowledge base '{kb.name}'")
             except ClientAPIException as e:
@@ -151,8 +165,8 @@ class KnowledgeBaseController:
             existing_docs = [doc.get("metadata", {}).get("original_file_name", "") for doc in status.get("documents", [])]
             
             removed_docs = existing_docs[:]
-            for filepath in kb.documents:
-                filename = get_file_name(filepath)
+            for file in kb.documents:
+                filename = get_file_name(file)
 
                 if filename in existing_docs:
                     logger.warning(f'Document \"{filename}\" already exists in knowledge base. Updating...')
@@ -162,17 +176,25 @@ class KnowledgeBaseController:
                 logger.warning(f'Document \"{filename}\" removed from knowledge base.')
 
 
-            files = [('files', (get_file_name(file_path), open(get_relative_file_path(file_path, file_dir), 'rb'))) for file_path in kb.documents]
+            files = [build_file_object(file_dir, file) for file in kb.documents]
+            file_urls = { get_file_name(file): file.url for file in kb.documents if isinstance(file, FileUpload) and file.url }
             
             kb.prioritize_built_in_index = True
             payload = kb.model_dump(exclude_none=True);
             payload.pop('documents');
 
-            self.get_client().update_with_documents(knowledge_base_id, payload=payload, files=files)
+            data = {
+                'knowledge_base': json.dumps(payload),
+                'file_urls': json.dumps(file_urls)
+            }
+
+            self.get_client().update_with_documents(knowledge_base_id, payload=data, files=files)
         else:
             if kb.conversational_search_tool and kb.conversational_search_tool.index_config:
                 kb.prioritize_built_in_index = False
-            self.get_client().update(knowledge_base_id, kb.model_dump(exclude_none=True))
+
+            data = { 'knowledge_base': json.dumps(kb.model_dump(exclude_none=True)) }
+            self.get_client().update(knowledge_base_id, payload=data)
 
         logger.info(f"Knowledge base '{kb.name}' updated successfully")
 

ibm_watsonx_orchestrate/cli/commands/server/server_command.py

@@ -191,9 +191,6 @@ def get_default_registry_env_vars_by_dev_edition_source(default_env: dict, user_
             parsed = urlparse(wo_url)
             hostname = parsed.hostname
             
-            if not hostname or not hostname.startswith("api."):
-                raise ValueError(f"Invalid WO_INSTANCE URL: '{wo_url}'. It should starts with 'api.'")
-            
             registry_url = f"registry.{hostname[4:]}/cp/wxo-lite"
         else:
             raise ValueError(f"Unknown value for developer edition source: {source}. Must be one of ['internal', 'myibm', 'orchestrate'].")
@@ -332,7 +329,6 @@ def write_merged_env_file(merged_env: dict, target_path: str = None) -> Path:
             file.write(f"{key}={val}\n")
     return Path(file.name)
 
-
 def get_dbtag_from_architecture(merged_env_dict: dict) -> str:
     """Detects system architecture and returns the corresponding DBTAG."""
     arch = platform.machine()
@@ -375,7 +371,8 @@ def run_compose_lite(
         experimental_with_langfuse=False, 
         experimental_with_ibm_telemetry=False, 
         with_doc_processing=False,
-        with_voice=False
+        with_voice=False,
+        experimental_with_langflow=False,
     ) -> None:
     compose_path = get_compose_file()
 
@@ -404,7 +401,11 @@ def run_compose_lite(
     logger.info("Database container started successfully. Now starting other services...")
 
 
-    # Step 2: Start all remaining services (except DB)
+    # Step 2: Create Langflow DB (if enabled)
+    if experimental_with_langflow:
+        create_langflow_db()
+
+    # Step 3: Start all remaining services (except DB)
     profiles = []
     if experimental_with_langfuse:
         profiles.append("langfuse")
@@ -414,6 +415,8 @@ def run_compose_lite(
         profiles.append("docproc")
     if with_voice:
         profiles.append("voice")
+    if experimental_with_langflow:
+        profiles.append("langflow")
 
     command = compose_command[:]
     for profile in profiles:
@@ -665,7 +668,6 @@ def run_compose_lite_down(final_env_file: Path, is_reset: bool = False) -> None:
         )
         sys.exit(1)
 
-
 def run_compose_lite_logs(final_env_file: Path, is_reset: bool = False) -> None:
     compose_path = get_compose_file()
     compose_command = ensure_docker_compose_installed()
@@ -866,6 +868,12 @@ def server_start(
         '--with-voice', '-v',
         help='Enable voice controller to interact with the chat via voice channels'
     ),
+    experimental_with_langflow: bool = typer.Option(
+        False,
+        '--experimental-with-langflow',
+        help='(Experimental) Enable Langflow UI, available at http://localhost:7861',
+        hidden=True
+    ),
 ):
     confirm_accepts_license_agreement(accept_terms_and_conditions)
 
@@ -907,6 +915,9 @@ def server_start(
     if experimental_with_ibm_telemetry:
         merged_env_dict['USE_IBM_TELEMETRY'] = 'true'
 
+    if experimental_with_langflow:
+        merged_env_dict['LANGFLOW_ENABLED'] = 'true'
+    
 
     try:
         dev_edition_source = get_dev_edition_source(merged_env_dict)
@@ -921,7 +932,8 @@ def server_start(
                      experimental_with_langfuse=experimental_with_langfuse,
                      experimental_with_ibm_telemetry=experimental_with_ibm_telemetry,
                      with_doc_processing=with_doc_processing,
-                     with_voice=with_voice)
+                     with_voice=with_voice,
+                     experimental_with_langflow=experimental_with_langflow)
     
     run_db_migration()
 
@@ -951,6 +963,8 @@ def server_start(
         logger.info(f"You can access the observability platform Langfuse at http://localhost:3010, username: orchestrate@ibm.com, password: orchestrate")
     if with_doc_processing:
         logger.info(f"Document processing in Flows (Public Preview) has been enabled.")
+    if experimental_with_langflow:
+        logger.info("Langflow has been enabled, the Langflow UI is available at http://localhost:7861")
 
 @server_app.command(name="stop")
 def server_stop(
@@ -1031,15 +1045,11 @@ def run_db_migration() -> None:
     merged_env_dict['ROUTING_LLM_API_KEY'] = ''
     merged_env_dict['ASSISTANT_LLM_API_KEY'] = ''
     final_env_file = write_merged_env_file(merged_env_dict)
+    
 
-    command = compose_command + [
-        "-f", str(compose_path),
-        "--env-file", str(final_env_file),
-        "exec",
-        "wxo-server-db",
-        "bash",
-        "-c",
-        '''
+    pg_user = merged_env_dict.get("POSTGRES_USER","postgres")
+
+    migration_command = f'''
         APPLIED_MIGRATIONS_FILE="/var/lib/postgresql/applied_migrations/applied_migrations.txt"
         touch "$APPLIED_MIGRATIONS_FILE"
 
@@ -1050,7 +1060,7 @@ def run_db_migration() -> None:
                 echo "Skipping already applied migration: $filename"
             else
                 echo "Applying migration: $filename"
-                if psql -U postgres -d postgres -q -f "$file" > /dev/null 2>&1; then
+                if psql -U {pg_user} -d postgres -q -f "$file" > /dev/null 2>&1; then
                     echo "$filename" >> "$APPLIED_MIGRATIONS_FILE"
                 else
                     echo "Error applying $filename. Stopping migrations."
@@ -1059,6 +1069,15 @@ def run_db_migration() -> None:
             fi
         done
         '''
+
+    command = compose_command + [
+        "-f", str(compose_path),
+        "--env-file", str(final_env_file),
+        "exec",
+        "wxo-server-db",
+        "bash",
+        "-c",
+        migration_command
     ]
 
     logger.info("Running Database Migration...")
@@ -1073,6 +1092,65 @@ def run_db_migration() -> None:
         )
         sys.exit(1)
 
+def create_langflow_db() -> None:
+    compose_path = get_compose_file()
+    compose_command = ensure_docker_compose_installed()
+    default_env_path = get_default_env_file()
+    merged_env_dict = merge_env(default_env_path, user_env_path=None)
+    merged_env_dict['WATSONX_SPACE_ID']='X'
+    merged_env_dict['WATSONX_APIKEY']='X'
+    merged_env_dict['WXAI_API_KEY'] = ''
+    merged_env_dict['ASSISTANT_EMBEDDINGS_API_KEY'] = ''
+    merged_env_dict['ASSISTANT_LLM_SPACE_ID'] = ''
+    merged_env_dict['ROUTING_LLM_SPACE_ID'] = ''
+    merged_env_dict['USE_SAAS_ML_TOOLS_RUNTIME'] = ''
+    merged_env_dict['BAM_API_KEY'] = ''
+    merged_env_dict['ASSISTANT_EMBEDDINGS_SPACE_ID'] = ''
+    merged_env_dict['ROUTING_LLM_API_KEY'] = ''
+    merged_env_dict['ASSISTANT_LLM_API_KEY'] = ''
+    final_env_file = write_merged_env_file(merged_env_dict)
+
+    pg_timeout = merged_env_dict.get('POSTGRES_READY_TIMEOUT','10')
+
+    pg_user = merged_env_dict.get("POSTGRES_USER","postgres")
+
+    creation_command = f"""
+    echo 'Waiting for pg to initialize...'
+
+    timeout={pg_timeout}
+    while [[ -z `pg_isready | grep 'accepting connections'` ]] && (( timeout > 0 )); do
+      ((timeout-=1)) && sleep 1;
+    done
+
+    if psql -U {pg_user} -lqt | cut -d \\| -f 1 | grep -qw langflow; then
+        echo 'Existing Langflow DB found'
+    else
+        echo 'Creating Langflow DB'
+        createdb -U "{pg_user}" -O "{pg_user}" langflow;
+        psql -U {pg_user} -q -d postgres -c "GRANT CONNECT ON DATABASE langflow TO {pg_user}";
+    fi
+    """
+    command = compose_command + [
+        "-f", str(compose_path),
+        "--env-file", str(final_env_file),
+        "exec",
+        "wxo-server-db",
+        "bash",
+        "-c",
+        creation_command
+    ]
+
+    logger.info("Preparing Langflow resources...")
+    result = subprocess.run(command, capture_output=False)
+
+    if result.returncode == 0:
+        logger.info("Langflow resources sucessfully created")
+    else:
+        error_message = result.stderr.decode('utf-8') if result.stderr else "Error occurred."
+        logger.error(
+            f"Failed to create Langflow resources\n{error_message}"
+        )
+        sys.exit(1)
 
 def bump_file_iteration(filename: str) -> str:
     regex = re.compile(f"^(?P<name>[^\\(\\s\\.\\)]+)(\\((?P<num>\\d+)\\))?(?P<type>\\.(?:{'|'.join(_EXPORT_FILE_TYPES)}))?$")

ibm_watsonx_orchestrate/cli/commands/server/types.py

@@ -1,5 +1,6 @@
 import logging
 import sys
+import uuid
 from enum import Enum
 from pydantic import BaseModel, model_validator, ConfigDict
 
@@ -43,9 +44,6 @@ class WatsonXAIEnvConfig(BaseModel):
         if not config.get("WATSONX_SPACE_ID") and not config.get("WATSONX_APIKEY"):
              raise ValueError("Missing configuration requirements 'WATSONX_SPACE_ID' and 'WATSONX_APIKEY'")
         
-        if config.get("WATSONX_SPACE_ID") and not config.get("WATSONX_APIKEY"):
-            logger.error("Cannot use env var 'WATSONX_SPACE_ID' without setting the corresponding 'WATSONX_APIKEY'")
-            sys.exit(1)
         
         if not config.get("WATSONX_SPACE_ID") and config.get("WATSONX_APIKEY"):
             logger.error("Cannot use env var 'WATSONX_APIKEY' without setting the corresponding 'WATSONX_SPACE_ID'")
@@ -54,6 +52,12 @@ class WatsonXAIEnvConfig(BaseModel):
         config["USE_SAAS_ML_TOOLS_RUNTIME"] = False
         return config
 
+def is_valid_uuid(value) -> bool:
+    try:
+        uuid.UUID(str(value))
+        return True
+    except (ValueError, TypeError, AttributeError):
+        return False
 
 class ModelGatewayEnvConfig(BaseModel):
     WO_API_KEY: str | None = None
@@ -84,7 +88,10 @@ class ModelGatewayEnvConfig(BaseModel):
         if not config.get("AUTHORIZATION_URL"):
             inferred_auth_url = AUTH_TYPE_DEFAULT_URL_MAPPING.get(auth_type)
             if not inferred_auth_url:
-                logger.error(f"No 'AUTHORIZATION_URL' found. Auth type '{auth_type}' does not support defaulting. Please set the 'AUTHORIZATION_URL' explictly")
+                if auth_type == WoAuthType.CPD:
+                    inferred_auth_url = config.get("WO_INSTANCE") + '/icp4d-api/v1/authorize'   
+                else: 
+                    logger.error(f"No 'AUTHORIZATION_URL' found. Auth type '{auth_type}' does not support defaulting. Please set the 'AUTHORIZATION_URL' explictly")
                 sys.exit(1)
             config["AUTHORIZATION_URL"] = inferred_auth_url
         
@@ -101,6 +108,7 @@ class ModelGatewayEnvConfig(BaseModel):
                 sys.exit(1)
         
         config["USE_SAAS_ML_TOOLS_RUNTIME"] = True
-        # Fake (but valid) UUIDv4 for knowledgebase check
-        config["WATSONX_SPACE_ID"] = "aaaaaaaa-aaaa-4aaa-aaaa-aaaaaaaaaaaa"
+        if not is_valid_uuid(config.get("WATSONX_SPACE_ID")):
+            # Fake (but valid) UUIDv4 for knowledgebase check
+            config["WATSONX_SPACE_ID"] = "aaaaaaaa-aaaa-4aaa-aaaa-aaaaaaaaaaaa"
         return config