Web endpoints

Modal gives you a few ways to expose functions as web endpoints. You can either turn any Modal function into a webhook with a single line of code, or you can serve an entire ASGI-compatible app (including existing apps written with frameworks such as FastAPI or Flask).

All Modal webhooks have a limit of 100 requests per second (rps). Get in touch if you need higher limits.

Note that if you wish to invoke a Modal function from another Python application, you could deploy and invoke the function using the native client library, without having to set up a webhook.


The easiest way to create a webhook out of an existing function is to use the @modal.webhook decorator.

import modal

stub = modal.Stub()

def f():
    return "Hello world!"

Developing with modal serve

You can run this code as an ephemeral app, by running the command

modal serve server_script.py

Where server_script.py is the file name of your code. This will create an ephemeral app for the duration of your script (until you hit Ctrl-C to stop it). It creates a temporary URL that you can use like any other REST endpoint. This URL is on the public internet.

The serve command (which you can also call programmatically using stub.serve(), will live update an app when any of the supporting files change.

Live updating is particularly useful when working with apps containing webhooks, as any changes made to webhook handlers will show up almost immediately, without requiring a manual restart of the app.

Deploying a web server

You can also deploy your app and create a persistent webhook in the cloud by running modal deploy:

Passing arguments to webhooks

When using @stub.webhook, you can use query parameters just like in FastAPI which will be passed to your function as arguments. For instance

import modal

stub = modal.Stub()

def square(x: int):
    return {"square": x**2}

If you hit this with an urlencoded query string with the “x” param present, it will send that to the function:

% curl 'https://modal-labs--webhook-get-py-square-erikbern-dev.modal.run?x=42'

If you want to use a POST request, you can use the method argument to @stub.webhook to set the HTTP verb. To accept any valid JSON, you can use Dict as your type annotation.

from typing import Dict

import modal

stub = modal.Stub()

def square(item: Dict):
    return {"square": item['x']**2}

This now creates an endpoint that lets us hit it using JSON:

% curl 'https://modal-labs--webhook-post-py-square-erikbern-dev.modal.run' -X POST -H 'Content-Type: application/json' -d '{"x": 42}'

This is often the easiest way to get started, but note that FastAPI recommends that you use typed Pydantic models in order to get automatic validation and documentation. FastAPI also lets you pass data to webhook in other ways, for instance as form data and file uploads.

More configuration

In addition to the keyword arguments supported by a regular stub.function, webhooks take an optional method argument to set the HTTP method of the REST endpoint (see reference for a full list of supported arguments).

How do webhooks run in the cloud?

Note that webhooks, like everything else on Modal, only run when they need to. When you hit the webhook the first time, it will boot up the container, which might take a few seconds. Modal keeps the container alive for a short period (a minute, at most) in case there are subsequent requests. If there are a lot of requests, Modal might create more containers running in parallel.

Under the hood, Modal wraps your function in a FastAPI application, and so functions you write need to follow the same request and response semantics as FastAPI. This also means you can use all of FastAPI’s powerful features, such as Pydantic models for automatic validation, typed query and path parameters, and response types.

For long running webhooks (taking more than 150s to complete), Modal by default uses chains of HTTP redirects to keep each request reasonably short lived. For more information see Webhook timeouts.

More complex example

Here’s everything together, combining Modal’s abilities to run functions in user-defined containers with the expressivity of FastAPI:

from pydantic import BaseModel
from fastapi.responses import HTMLResponse

class Item(BaseModel):
    name: str
    qty: int = 42

image = modal.Image.debian_slim().pip_install("boto3")

@stub.webhook(method="POST", image=image)
def f(item: Item):
    import boto3
    # do things with boto3
    return HTMLResponse(f"<html>Hello, {item.name}!</html>")

Serving ASGI and WSGI apps

You can also serve any app written in an ASGI or WSGI compatible web application framework on Modal. For ASGI apps, you can create a function decorated with @modal.asgi that returns a reference to your web app:

from fastapi import FastAPI, Request
from fastapi.responses import HTMLResponse

import modal

web_app = FastAPI()
stub = modal.Stub()

image = modal.Image.debian_slim().pip_install("boto3")

async def foo(request: Request):
    body = await request.json()
    return body

async def bar(arg="world"):
    return HTMLResponse(f"<h1>Hello Fast {arg}!</h1>")

def fastapi_app():
    return web_app

Now, as before, when you deploy this script as a modal app, you get a URL for your app that you can use:


You can serve WSGI apps using the wsgi decorator:

import modal

stub = modal.Stub()
image = modal.Image.debian_slim().pip_install("flask")

def flask_app():
    from flask import Flask, request

    web_app = Flask(__name__)

    def home():
        return "Hello Flask World!"

    def foo():
        return request.json

    return web_app

See Flask’s docs for more information.

Cold start performance

Consult the guide page on cold start performance for more information on when functions incur cold start penalties, and how to mitigate the impact of them.


Modal doesn’t have an first class way to add authentication to webhook yet, however token-based authentication is easy to implement in whichever framework you’re using. For example, if you’re using @modal.webhook or @modal.asgi with FastAPI, you can add authentication like this:

import modal

from fastapi import Depends, HTTPException, status, Request
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials

auth_scheme = HTTPBearer()

stub = modal.Stub("auth-example")

async def f(request: Request, token: HTTPAuthorizationCredentials = Depends(auth_scheme)):
    import os


    if token.credentials != os.environ["AUTH_TOKEN"]:
        raise HTTPException(
            detail="Incorrect bearer token",
            headers={"WWW-Authenticate": "Bearer"},

    # Function body
    return "hi"

This assumes you have a Modal secret named my-webhook-auth-token created, with contents {AUTH_TOKEN: secret-random-token}. Now, your endpoint will return a 401 status code except when you hit it with the correct Authorization header set (note that you have to prefix the token with Bearer ):

curl --header "Authorization: secret-random-token" https://modal-labs--auth-example-f.modal.run