ibm-watsonx-orchestrate 1.5.0b1__py3-none-any.whl → 1.6.0b0__py3-none-any.whl

ibm_watsonx_orchestrate/cli/commands/models/models_controller.py

@@ -18,7 +18,7 @@ from ibm_watsonx_orchestrate.agent_builder.model_policies.types import ModelPoli
     ModelPolicyRetry, ModelPolicyStrategy, ModelPolicyStrategyMode, ModelPolicyTarget
 from ibm_watsonx_orchestrate.client.models.models_client import ModelsClient
 from ibm_watsonx_orchestrate.agent_builder.models.types import VirtualModel, ProviderConfig, ModelType, ANTHROPIC_DEFAULT_MAX_TOKENS
-from ibm_watsonx_orchestrate.client.utils import instantiate_client
+from ibm_watsonx_orchestrate.client.utils import instantiate_client, is_cpd_env
 from ibm_watsonx_orchestrate.client.connections import get_connection_id, ConnectionType
 
 logger = logging.getLogger(__name__)
@@ -85,6 +85,11 @@ def import_python_policy(file: str) -> List[ModelPolicy]:
             models.append(obj)
     return models
 
+def validate_spec_content(content: dict) -> None:
+    if not content.get("spec_version"):
+        logger.error(f"Field 'spec_version' not provided. Please ensure provided spec conforms to a valid spec format")
+        sys.exit(1)
+
 def parse_model_file(file: str) -> List[VirtualModel]:
     if file.endswith('.yaml') or file.endswith('.yml') or file.endswith(".json"):
         with open(file, 'r') as f:
@@ -92,6 +97,7 @@ def parse_model_file(file: str) -> List[VirtualModel]:
                 content = json.load(f)
             else:
                 content = yaml.load(f, Loader=yaml.SafeLoader)
+        validate_spec_content(content)
         model = create_model_from_spec(spec=content)
         return [model]
     elif file.endswith('.py'):
@@ -107,6 +113,7 @@ def parse_policy_file(file: str) -> List[ModelPolicy]:
                 content = json.load(f)
             else:
                 content = yaml.load(f, Loader=yaml.SafeLoader)
+        validate_spec_content(content)
         policy = create_policy_from_spec(spec=content)
         return [policy]
     elif file.endswith('.py'):
@@ -160,13 +167,15 @@ class ModelsController:
             logger.error("Error: WATSONX_URL is required in the environment.")
             sys.exit(1)
 
-        logger.info("Retrieving virtual-model models list...")
-        virtual_models = models_client.list()
-
-
+        if is_cpd_env(models_client.base_url):
+            virtual_models = []
+            virtual_model_policies = []
+        else:
+            logger.info("Retrieving virtual-model models list...")
+            virtual_models = models_client.list()
 
-        logger.info("Retrieving virtual-policies models list...")
-        virtual_model_policies = model_policies_client.list()
+            logger.info("Retrieving virtual-policies models list...")
+            virtual_model_policies = model_policies_client.list()
 
         logger.info("Retrieving watsonx.ai models list...")
         found_models = _get_wxai_foundational_models()
@@ -382,7 +391,7 @@ class ModelsController:
             mode=strategy,
             on_status_codes=strategy_on_code
         )
-        inner.targets = [ModelPolicyTarget(weight=1, model_name=m) for m in models]
+        inner.targets = [ModelPolicyTarget(model_name=m) for m in models]
         if retry_on_code:
             inner.retry = ModelPolicyRetry(
                 on_status_codes=retry_on_code,

ibm_watsonx_orchestrate/cli/commands/server/server_command.py

@@ -67,23 +67,28 @@ def docker_login(api_key: str, registry_url: str, username:str = "iamapikey") ->
     logger.info("Successfully logged in to Docker.")
 
 def docker_login_by_dev_edition_source(env_dict: dict, source: str) -> None:
-    if not env_dict.get("REGISTRY_URL"):
-        raise ValueError("REGISTRY_URL is not set.")
-    registry_url = env_dict["REGISTRY_URL"].split("/")[0]
-    if source == "internal":
-        iam_api_key = env_dict.get("DOCKER_IAM_KEY")
-        if not iam_api_key:
-            raise ValueError("DOCKER_IAM_KEY is required in the environment file if WO_DEVELOPER_EDITION_SOURCE is set to 'internal'.")
-        docker_login(iam_api_key, registry_url, "iamapikey")
-    elif source == "myibm":
-        wo_entitlement_key = env_dict.get("WO_ENTITLEMENT_KEY")
-        if not wo_entitlement_key:
-            raise ValueError("WO_ENTITLEMENT_KEY is required in the environment file.")
-        docker_login(wo_entitlement_key, registry_url, "cp")
-    elif source == "orchestrate":
-        wo_auth_type = env_dict.get("WO_AUTH_TYPE")
-        api_key, username = get_docker_cred_by_wo_auth_type(env_dict, wo_auth_type)
-        docker_login(api_key, registry_url, username)
+    if env_dict.get('WO_DEVELOPER_EDITION_SKIP_LOGIN', None) == 'true':
+        logger.info('WO_DEVELOPER_EDITION_SKIP_LOGIN is set to true, skipping login.')
+        logger.warning('If the developer edition images are not already pulled this call will fail without first setting WO_DEVELOPER_EDITION_SKIP_LOGIN=false')
+    else:
+        if not env_dict.get("REGISTRY_URL"):
+            raise ValueError("REGISTRY_URL is not set.")
+        registry_url = env_dict["REGISTRY_URL"].split("/")[0]
+        if source == "internal":
+            iam_api_key = env_dict.get("DOCKER_IAM_KEY")
+            if not iam_api_key:
+                raise ValueError("DOCKER_IAM_KEY is required in the environment file if WO_DEVELOPER_EDITION_SOURCE is set to 'internal'.")
+            docker_login(iam_api_key, registry_url, "iamapikey")
+        elif source == "myibm":
+            wo_entitlement_key = env_dict.get("WO_ENTITLEMENT_KEY")
+            if not wo_entitlement_key:
+                raise ValueError("WO_ENTITLEMENT_KEY is required in the environment file.")
+            docker_login(wo_entitlement_key, registry_url, "cp")
+        elif source == "orchestrate":
+            wo_auth_type = env_dict.get("WO_AUTH_TYPE")
+            api_key, username = get_docker_cred_by_wo_auth_type(env_dict, wo_auth_type)
+            docker_login(api_key, registry_url, username)
+
 
 def get_compose_file() -> Path:
     with resources.as_file(
@@ -165,6 +170,8 @@ def get_docker_cred_by_wo_auth_type(env_dict: dict, auth_type: str | None) -> tu
                 auth_type = "ibm_iam"
             elif ".ibm.com" in instance_url:
                 auth_type = "mcsp"
+            elif "https://cpd" in instance_url:
+                auth_type = "cpd"
     
     if auth_type in {"mcsp", "ibm_iam"}:
         wo_api_key = env_dict.get("WO_API_KEY")
@@ -672,6 +679,7 @@ def server_start(
     if experimental_with_langfuse:
         merged_env_dict['LANGFUSE_ENABLED'] = 'true'
 
+
     try:
         docker_login_by_dev_edition_source(merged_env_dict, dev_edition_source)
     except ValueError as e:

ibm_watsonx_orchestrate/cli/commands/server/types.py

@@ -26,7 +26,8 @@ def _infer_auth_type_from_instance_url(instance_url: str) -> WoAuthType:
           return WoAuthType.IBM_IAM
      if ".ibm.com" in instance_url:
           return WoAuthType.MCSP
-     return WoAuthType.CPD
+     if "https://cpd" in instance_url:
+          return WoAuthType.CPD
 
 
 class WatsonXAIEnvConfig(BaseModel):

ibm_watsonx_orchestrate/cli/commands/toolkit/toolkit_controller.py

@@ -213,9 +213,6 @@ class ToolkitController:
 
     
     def remove_toolkit(self, name: str):
-        if not is_local_dev():
-            logger.error("This functionality is only available for Local Environments")
-            sys.exit(1)
         try:
             client = self.get_client()
             draft_toolkits = client.get_draft_by_name(toolkit_name=name)

ibm_watsonx_orchestrate/cli/commands/tools/tools_controller.py

@@ -33,7 +33,7 @@ from ibm_watsonx_orchestrate.cli.config import Config, CONTEXT_SECTION_HEADER, C
     PYTHON_REGISTRY_HEADER, PYTHON_REGISTRY_TYPE_OPT, PYTHON_REGISTRY_TEST_PACKAGE_VERSION_OVERRIDE_OPT, \
     DEFAULT_CONFIG_FILE_CONTENT
 from ibm_watsonx_orchestrate.agent_builder.connections import ConnectionSecurityScheme, ExpectedCredentials
-from ibm_watsonx_orchestrate.experimental.flow_builder.flows.decorators import FlowWrapper
+from ibm_watsonx_orchestrate.flow_builder.flows.decorators import FlowWrapper
 from ibm_watsonx_orchestrate.client.tools.tool_client import ToolClient
 from ibm_watsonx_orchestrate.client.toolkit.toolkit_client import ToolKitClient
 from ibm_watsonx_orchestrate.client.connections import get_connections_client, get_connection_type
@@ -41,7 +41,7 @@ from ibm_watsonx_orchestrate.client.utils import instantiate_client, is_local_de
 from ibm_watsonx_orchestrate.utils.utils import sanatize_app_id
 from ibm_watsonx_orchestrate.client.utils import is_local_dev
 from ibm_watsonx_orchestrate.client.tools.tempus_client import TempusClient
-from ibm_watsonx_orchestrate.experimental.flow_builder.utils import import_flow_model
+from ibm_watsonx_orchestrate.flow_builder.utils import import_flow_model
 
 from  ibm_watsonx_orchestrate import __version__
 
@@ -339,14 +339,13 @@ async def import_flow_tool(file: str) -> None:
     theme = rich.theme.Theme({"model.name": "bold cyan"})
     console = rich.console.Console(highlighter=ModelHighlighter(), theme=theme)
     
-    message = f"""[bold cyan]Flow Tools: Experimental Feature[/bold cyan]
+    message = f"""[bold cyan]Flow Tools[/bold cyan]
    
 The [bold]flow tool[/bold] is being imported from [green]`{file}`[/green].  
     
 [bold cyan]Additional information:[/bold cyan]
 
-- Ensure the flow engine is running by issuing the [bold cyan]orchestrate server start[/bold cyan] command with the [bold cyan]--with-flow-runtime[/bold cyan] option
-- The [bold green]get_flow_status[/bold green] tool is being imported to support flow tools. Ensure [bold]both this tools and the one you are importing are added to your agent[/bold] to retrieve the flow output. 
+- The [bold green]get_flow_status[/bold green] tool is being imported to support flow tools. To get a flow's current status, ensure [bold]both this tools and the one you are importing are added to your agent[/bold] to retrieve the flow output. 
 - Include additional instructions in your agent to call the [bold green]get_flow_status[/bold green] tool to retrieve the flow output. For example: [green]"If you get an instance_id, use the tool get_flow_status to retrieve the current status of a flow."[/green]
 
     """
@@ -438,6 +437,10 @@ def _get_kind_from_spec(spec: dict) -> ToolKind:
         return ToolKind.python
     elif ToolKind.openapi in tool_binding:
         return ToolKind.openapi
+    elif ToolKind.mcp in tool_binding:
+        return ToolKind.mcp
+    elif 'wxflows' in tool_binding:
+        return ToolKind.flow
     else:
         logger.error(f"Could not determine 'kind' of tool '{name}'")
         sys.exit(1) 
@@ -560,14 +563,13 @@ class ToolsController:
                 
                 toolkit_name = ""
 
-                if is_local_dev():
+                if tool.__tool_spec__.toolkit_id:
                     toolkit_client = instantiate_client(ToolKitClient)
-                    if tool.__tool_spec__.toolkit_id:
-                        toolkit = toolkit_client.get_draft_by_id(tool.__tool_spec__.toolkit_id)
-                        if isinstance(toolkit, dict) and "name" in toolkit:
-                            toolkit_name = toolkit["name"]
-                        elif toolkit:
-                            toolkit_name = str(toolkit)
+                    toolkit = toolkit_client.get_draft_by_id(tool.__tool_spec__.toolkit_id)
+                    if isinstance(toolkit, dict) and "name" in toolkit:
+                        toolkit_name = toolkit["name"]
+                    elif toolkit:
+                        toolkit_name = str(toolkit)
 
                 
                 table.add_row(

ibm_watsonx_orchestrate/cli/config.py

@@ -26,6 +26,8 @@ ENV_WXO_URL_OPT = "wxo_url"
 ENV_IAM_URL_OPT = "iam_url"
 PROTECTED_ENV_NAME = "local"
 ENV_AUTH_TYPE = "auth_type"
+BYPASS_SSL = "bypass_ssl"
+VERIFY = "verify"
 ENV_ACCEPT_LICENSE = 'accepts_license_agreements'
 
 DEFAULT_LOCAL_SERVICE_URL = "http://localhost:4321"

ibm_watsonx_orchestrate/cli/main.py

@@ -12,8 +12,13 @@ from ibm_watsonx_orchestrate.cli.commands.environment.environment_command import
 from ibm_watsonx_orchestrate.cli.commands.channels.channels_command import channel_app
 from ibm_watsonx_orchestrate.cli.commands.knowledge_bases.knowledge_bases_command import knowledge_bases_app
 from ibm_watsonx_orchestrate.cli.commands.toolkit.toolkit_command import toolkits_app
+from ibm_watsonx_orchestrate.cli.commands.evaluations.evaluations_command import evaluation_app
 from ibm_watsonx_orchestrate.cli.init_helper import init_callback
 
+import urllib3
+urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
+
+
 app = typer.Typer(
     no_args_is_help=True,
     pretty_exceptions_enable=False,
@@ -30,6 +35,7 @@ app.add_typer(server_app, name="server", help='Manipulate your local Orchestrate
 app.add_typer(chat_app, name="chat", help='Launch the chat ui for your local Developer Edition server [requires entitlement]')
 app.add_typer(models_app, name="models", help='List the available large language models (llms) that can be used in your agent definitions')
 app.add_typer(channel_app, name="channels", help="Configure channels where your agent can exist on (such as embedded webchat)")
+app.add_typer(evaluation_app, name="evaluations", help='Evaluate the performance of your agents in your active env')
 app.add_typer(settings_app, name="settings", help='Configure the settings for your active env')
 
 if __name__ == "__main__":

ibm_watsonx_orchestrate/client/agents/agent_client.py

@@ -1,7 +1,11 @@
 from ibm_watsonx_orchestrate.client.base_api_client import BaseAPIClient, ClientAPIException
-from typing_extensions import List
+from typing_extensions import List, Optional
 from ibm_watsonx_orchestrate.client.utils import is_local_dev
+from pydantic import BaseModel
 
+class AgentUpsertResponse(BaseModel):
+    id: Optional[str] = None
+    warning: Optional[str] = None
 
 class AgentClient(BaseAPIClient):
     """
@@ -12,14 +16,16 @@ class AgentClient(BaseAPIClient):
         self.base_endpoint = "/orchestrate/agents" if is_local_dev(self.base_url) else "/agents"
 
 
-    def create(self, payload: dict) -> dict:
-        return self._post(self.base_endpoint, data=payload)
+    def create(self, payload: dict) -> AgentUpsertResponse:
+        response = self._post(self.base_endpoint, data=payload)
+        return AgentUpsertResponse.model_validate(response)
 
     def get(self) -> dict:
-        return self._get(self.base_endpoint)
+        return self._get(f"{self.base_endpoint}?include_hidden=true")
 
-    def update(self, agent_id: str, data: dict) -> dict:
-        return self._patch(f"{self.base_endpoint}/{agent_id}", data=data)
+    def update(self, agent_id: str, data: dict) -> AgentUpsertResponse:
+        response = self._patch(f"{self.base_endpoint}/{agent_id}", data=data)
+        return AgentUpsertResponse.model_validate(response)
 
     def delete(self, agent_id: str) -> dict:
         return self._delete(f"{self.base_endpoint}/{agent_id}")
@@ -29,7 +35,7 @@ class AgentClient(BaseAPIClient):
 
     def get_drafts_by_names(self, agent_names: List[str]) -> List[dict]:
         formatted_agent_names = [f"names={x}" for x  in agent_names]
-        return self._get(f"{self.base_endpoint}?{'&'.join(formatted_agent_names)}")
+        return self._get(f"{self.base_endpoint}?{'&'.join(formatted_agent_names)}&include_hidden=true")
     
     def get_draft_by_id(self, agent_id: str) -> List[dict]:
         if agent_id is None:
@@ -45,5 +51,5 @@ class AgentClient(BaseAPIClient):
     
     def get_drafts_by_ids(self, agent_ids: List[str]) -> List[dict]:
         formatted_agent_ids = [f"ids={x}" for x  in agent_ids]
-        return self._get(f"{self.base_endpoint}?{'&'.join(formatted_agent_ids)}")
+        return self._get(f"{self.base_endpoint}?{'&'.join(formatted_agent_ids)}&include_hidden=true")
     

ibm_watsonx_orchestrate/client/agents/assistant_agent_client.py

@@ -10,7 +10,7 @@ class AssistantAgentClient(BaseAPIClient):
         return self._post("/assistants/watsonx", data=payload)
 
     def get(self) -> dict:
-        return self._get("/assistants/watsonx")
+        return self._get("/assistants/watsonx?include_hidden=true")
 
     def update(self, agent_id: str, data: dict) -> dict:
         return self._patch(f"/assistants/watsonx/{agent_id}", data=data)
@@ -23,7 +23,7 @@ class AssistantAgentClient(BaseAPIClient):
 
     def get_drafts_by_names(self, agent_names: List[str]) -> List[dict]:
         formatted_agent_names = [f"names={x}" for x  in agent_names]
-        return self._get(f"/assistants/watsonx?{'&'.join(formatted_agent_names)}")
+        return self._get(f"/assistants/watsonx?{'&'.join(formatted_agent_names)}&include_hidden=true")
     
     def get_draft_by_id(self, agent_id: str) -> dict | str:
         if agent_id is None:
@@ -39,4 +39,4 @@ class AssistantAgentClient(BaseAPIClient):
     
     def get_drafts_by_ids(self, agent_ids: List[str]) -> List[dict]:
         formatted_agent_ids = [f"ids={x}" for x  in agent_ids]
-        return self._get(f"/assistants/watsonx?{'&'.join(formatted_agent_ids)}")
+        return self._get(f"/assistants/watsonx?{'&'.join(formatted_agent_ids)}&include_hidden=true")

ibm_watsonx_orchestrate/client/agents/external_agent_client.py

@@ -10,7 +10,7 @@ class ExternalAgentClient(BaseAPIClient):
         return self._post("/agents/external-chat", data=payload)
 
     def get(self) -> dict:
-        return self._get("/agents/external-chat")
+        return self._get("/agents/external-chat?include_hidden=true")
 
     def update(self, agent_id: str, data: dict) -> dict:
         return self._patch(f"/agents/external-chat/{agent_id}", data=data)
@@ -39,4 +39,4 @@ class ExternalAgentClient(BaseAPIClient):
 
     def get_drafts_by_ids(self, agent_ids: List[str]) -> List[dict]:
         formatted_agent_ids = [f"ids={x}" for x  in agent_ids]
-        return self._get(f"/agents/external-chat?{'&'.join(formatted_agent_ids)}")
+        return self._get(f"/agents/external-chat?{'&'.join(formatted_agent_ids)}&include_hidden=true")

ibm_watsonx_orchestrate/client/base_api_client.py

@@ -24,8 +24,7 @@ class ClientAPIException(requests.HTTPError):
 
 
 class BaseAPIClient:
-
-    def __init__(self, base_url: str, api_key: str = None, is_local: bool = False, authenticator: MCSPAuthenticator = None):
+    def __init__(self, base_url: str, api_key: str = None, is_local: bool = False, verify: str = None, authenticator: MCSPAuthenticator = None):
         self.base_url = base_url.rstrip("/")  # remove trailing slash
         self.api_key = api_key
         self.authenticator = authenticator
@@ -33,6 +32,7 @@ class BaseAPIClient:
         # api path can be re-written by api proxy when deployed
         # TO-DO: re-visit this when shipping to production
         self.is_local = is_local
+        self.verify = verify
 
         if not self.is_local:
             self.base_url = f"{self.base_url}/v1/orchestrate"
@@ -48,7 +48,7 @@ class BaseAPIClient:
     def _get(self, path: str, params: dict = None, data=None, return_raw=False) -> dict:
 
         url = f"{self.base_url}{path}"
-        response = requests.get(url, headers=self._get_headers(), params=params, data=data)
+        response = requests.get(url, headers=self._get_headers(), params=params, data=data, verify=self.verify)
         self._check_response(response)
         if not return_raw:
             return response.json()
@@ -57,39 +57,39 @@ class BaseAPIClient:
 
     def _post(self, path: str, data: dict = None, files: dict = None) -> dict:
         url = f"{self.base_url}{path}"
-        response = requests.post(url, headers=self._get_headers(), json=data, files=files)
+        response = requests.post(url, headers=self._get_headers(), json=data, files=files, verify=self.verify)
         self._check_response(response)
         return response.json() if response.text else {}
     
     def _post_form_data(self, path: str, data: dict = None, files: dict = None) -> dict:
         url = f"{self.base_url}{path}"
         # Use data argument instead of json so data is encoded as application/x-www-form-urlencoded
-        response = requests.post(url, headers=self._get_headers(), data=data, files=files)
+        response = requests.post(url, headers=self._get_headers(), data=data, files=files, verify=self.verify)
         self._check_response(response)
         return response.json() if response.text else {}
 
     def _put(self, path: str, data: dict = None) -> dict:
 
         url = f"{self.base_url}{path}"
-        response = requests.put(url, headers=self._get_headers(), json=data)
+        response = requests.put(url, headers=self._get_headers(), json=data, verify=self.verify)
         self._check_response(response)
         return response.json() if response.text else {}
 
     def _patch(self, path: str, data: dict = None) -> dict:
         url = f"{self.base_url}{path}"
-        response = requests.patch(url, headers=self._get_headers(), json=data)
+        response = requests.patch(url, headers=self._get_headers(), json=data, verify=self.verify)
         self._check_response(response)
         return response.json() if response.text else {}
     
     def _patch_form_data(self, path: str, data: dict = None, files = None) -> dict:
         url = f"{self.base_url}{path}"
-        response = requests.patch(url, headers=self._get_headers(), data=data, files=files)
+        response = requests.patch(url, headers=self._get_headers(), data=data, files=files, verify=self.verify)
         self._check_response(response)
         return response.json() if response.text else {}
 
     def _delete(self, path: str, data=None) -> dict:
         url = f"{self.base_url}{path}"
-        response = requests.delete(url, headers=self._get_headers(), json=data)
+        response = requests.delete(url, headers=self._get_headers(), json=data, verify=self.verify)
         self._check_response(response)
         return response.json() if response.text else {}
 

ibm_watsonx_orchestrate/client/connections/connections_client.py

@@ -5,6 +5,7 @@ from typing import Optional
 
 from ibm_watsonx_orchestrate.client.base_api_client import BaseAPIClient, ClientAPIException
 from ibm_watsonx_orchestrate.agent_builder.connections.types import ConnectionEnvironment, ConnectionPreference, ConnectionAuthType, ConnectionSecurityScheme, IdpConfigData, AppConfigData, ConnectionType
+from ibm_watsonx_orchestrate.client.utils import is_cpd_env
 
 import logging
 logger = logging.getLogger(__name__)
@@ -53,9 +54,14 @@ class ConnectionsClient(BaseAPIClient):
         return self._delete(f"/connections/applications/{app_id}")
 
     # GET /api/v1/connections/applications/{app_id}
-    def get(self, app_id: str) -> GetConnectionResponse:
+    def get(self, app_id: str) -> GetConnectionResponse | None:
         try:
-            return GetConnectionResponse.model_validate(self._get(f"/connections/applications/{app_id}"))
+            path = (
+                f"/connections/applications/{app_id}"
+                if is_cpd_env(self.base_url)
+                else f"/connections/applications?app_id={app_id}"
+            )
+            return GetConnectionResponse.model_validate(self._get(path))
         except ClientAPIException as e:
             if e.response.status_code == 404:
                 return None
@@ -65,7 +71,12 @@ class ConnectionsClient(BaseAPIClient):
     # GET api/v1/connections/applications
     def list(self) -> List[ListConfigsResponse]:
         try:
-            res = self._get(f"/connections/applications")
+            path = (
+                f"/connections/applications"
+                if is_cpd_env(self.base_url)
+                else f"/connections/applications?include_details=true"
+            )
+            res = self._get(path)
             return [ListConfigsResponse.model_validate(conn) for conn in res.get("applications", [])]
         except ValidationError as e:
             logger.error("Recieved unexpected response from server")
@@ -115,9 +126,19 @@ class ConnectionsClient(BaseAPIClient):
     def get_credentials(self, app_id: str, env: ConnectionEnvironment, use_sso: bool) -> dict:
         try:
             if use_sso:
-                return self._get(f"/connections/applications/{app_id}/credentials?env={env}")
+                path = (
+                    f"/connections/applications/{app_id}/credentials?env={env}"
+                    if is_cpd_env(self.base_url)
+                    else f"/connections/applications/{app_id}/credentials/{env}"
+                )
+                return self._get(path)
             else:
-                return self._get(f"/connections/applications/{app_id}/configs/runtime_credentials?env={env}")
+                path = (
+                    f"/connections/applications/{app_id}/configs/runtime_credentials?env={env}"
+                    if is_cpd_env(self.base_url)
+                    else f"/connections/applications/runtime_credentials?app_id={app_id}&env={env}"
+                )
+                return self._get(path)
         except ClientAPIException as e:
             if e.response.status_code == 404:
                 return None
@@ -147,7 +168,12 @@ class ConnectionsClient(BaseAPIClient):
         if conn_id is None:
             return ""
         try:
-            app_details = self._get(f"/connections/applications/id/{conn_id}")
+            path = (
+                f"/connections/applications/id/{conn_id}"
+                if is_cpd_env(self.base_url)
+                else f"/connections/applications?connection_id={conn_id}"
+            )
+            app_details = self._get(path)
             return app_details.get("app_id")
         except ClientAPIException as e:
             if e.response.status_code == 404:

ibm_watsonx_orchestrate/client/connections/utils.py

@@ -17,7 +17,7 @@ def _get_connections_manager_url() -> str:
         url_parts = url.split(":")
         url_parts[-1] = str(LOCAL_CONNECTION_MANAGER_PORT)
         url = ":".join(url_parts)
-        url = url + "/api/v1"
+        url = url + "/api/v1/orchestrate"
         return url
     return None
 

ibm_watsonx_orchestrate/client/credentials.py

@@ -31,6 +31,8 @@ class Credentials:
             url: str | None = None,
             iam_url: str | None = None,
             api_key: str | None = None,
+            username: str | None = None,
+            password: str | None = None,
             token: str | None = None,
             verify: str | bool | None = None,
             auth_type: str | None = None,
@@ -39,6 +41,8 @@ class Credentials:
         self.url = url
         self.iam_url = iam_url
         self.api_key = api_key
+        self.username = username
+        self.password = password
         self.token = token
         self.local_global_token = None
         self.verify = verify

ibm_watsonx_orchestrate/client/model_policies/model_policies_client.py

@@ -17,11 +17,11 @@ class ModelPoliciesClient(BaseAPIClient):
     """
     # POST api/v1/model_policy
     def create(self, model: ModelPolicy) -> None:
-        self._post("/model_policy", data=model.model_dump())
+        self._post("/model_policy", data=model.model_dump(exclude_none=True))
     
     # PUT api/v1/model_policy/{model_policy_id}
     def update(self, model_policy_id: str, model: ModelPolicy) -> None:
-        self._put(f"/model_policy/{model_policy_id}", data=model.model_dump())
+        self._put(f"/model_policy/{model_policy_id}", data=model.model_dump(exclude_none=True))
 
     # DELETE api/v1/model_policy/{model_policy_id}
     def delete(self, model_policy_id: str) -> dict:

ibm_watsonx_orchestrate/client/service_instance.py

@@ -7,8 +7,9 @@ from __future__ import annotations
 
 from ibm_cloud_sdk_core.authenticators import MCSPAuthenticator 
 from ibm_cloud_sdk_core.authenticators import IAMAuthenticator
+from ibm_cloud_sdk_core.authenticators import CloudPakForDataAuthenticator
 
-from ibm_watsonx_orchestrate.client.utils import check_token_validity
+from ibm_watsonx_orchestrate.client.utils import check_token_validity, is_cpd_env
 from ibm_watsonx_orchestrate.client.base_service_instance import BaseServiceInstance
 from ibm_watsonx_orchestrate.cli.commands.environment.types import EnvironmentAuthType
 
@@ -16,6 +17,16 @@ from ibm_watsonx_orchestrate.client.client_errors import (
     ClientError,
 )
 
+import logging
+logger = logging.getLogger(__name__)
+
+from ibm_watsonx_orchestrate.cli.config import (
+    Config,
+    CONTEXT_SECTION_HEADER,
+    CONTEXT_ACTIVE_ENV_OPT,
+    ENVIRONMENTS_SECTION_HEADER,
+    ENV_WXO_URL_OPT
+)
 
 class ServiceInstance(BaseServiceInstance):
     """Connect, get details, and check usage of a Watson Machine Learning service instance."""
@@ -40,8 +51,13 @@ class ServiceInstance(BaseServiceInstance):
     def _create_token(self) -> str:
         if not self._credentials.auth_type:
             if ".cloud.ibm.com" in self._credentials.url:
+                logger.warning("Using IBM IAM Auth Type. If this is incorrect please use the '--type' flag to explicitly choose one of 'ibm_iam' or 'mscp' or 'cpd")
                 return self._authenticate(EnvironmentAuthType.IBM_CLOUD_IAM)
+            elif is_cpd_env(self._credentials.url):
+                logger.warning("Using CPD Auth Type. If this is incorrect please use the '--type' flag to explicitly choose one of 'ibm_iam' or 'mscp' or 'cpd")
+                return self._authenticate(EnvironmentAuthType.CPD)
             else:
+                logger.warning("Using MCSP Auth Type. If this is incorrect please use the '--type' flag to explicitly choose one of 'ibm_iam' or 'mscp' or 'cpd' ")
                 return self._authenticate(EnvironmentAuthType.MCSP)
         else:
             return self._authenticate(self._credentials.auth_type)
@@ -55,6 +71,31 @@ class ServiceInstance(BaseServiceInstance):
                     authenticator = MCSPAuthenticator(apikey=self._credentials.api_key, url=url)
                 case EnvironmentAuthType.IBM_CLOUD_IAM:
                     authenticator = IAMAuthenticator(apikey=self._credentials.api_key, url=self._credentials.iam_url)
+                case EnvironmentAuthType.CPD:
+                    url = ""
+                    if self._credentials.iam_url is not None: 
+                        url = self._credentials.iam_url
+                    else: 
+                        cfg = Config()
+                        env_cfg = cfg.get(ENVIRONMENTS_SECTION_HEADER)
+                        matching_wxo_url = next(
+                            (env_config['wxo_url'] for env_config in env_cfg.values() if 'bypass_ssl' in env_config and 'verify' in env_config),
+                            None
+                        )
+                        base_url = matching_wxo_url.split("/orchestrate")[0]
+                        url = f"{base_url}/icp4d-api"
+
+                    password = self._credentials.password if self._credentials.password is not None else None
+                    api_key = self._credentials.api_key if self._credentials.api_key is not None else None
+                    cpd_password=password if password else None
+                    cpd_apikey=api_key if api_key else None
+                    authenticator = CloudPakForDataAuthenticator(
+                        username=self._credentials.username, 
+                        password=cpd_password, 
+                        apikey=cpd_apikey, 
+                        url=url, 
+                        disable_ssl_verification=True
+                    )
                 case _:
                     raise ClientError(f"Unsupported authentication type: {auth_type}")