Skip to main content

Python


ToolJet workflows let you install Python packages from PyPI so that every Python node in the workflow can use them. Packages are installed once per workflow version and available across all Python nodes.

info

External library support for workflows is available on Enterprise Edition plans.

Adding Packages

  1. Open your workflow in the editor.
  2. Click the Packages icon in the left sidebar to open the package manager panel, then switch to the Python tab.
  3. Enter the packages you need in requirements.txt format — one package per line with a version specifier.
pydash==8.0.3
requests==2.31.0
numpy>=1.24.0
  1. Click Install. ToolJet installs the packages and generates a bundle in the background.
warning

PyPI does not expose a public search API. You need to know the exact package name and version you want to install. You can look up packages at pypi.org.

Using Packages in Python Nodes

Once the bundle status is Ready, you can import the packages directly in any Python node:

import pydash

orders = getOrders["data"]
grouped = pydash.group_by(orders, "status")

result = {
    "pending": grouped.get("pending", []),
    "shipped": grouped.get("shipped", [])
}

Packages are available to all Python nodes in the workflow — you don't need to install them separately per node.

Updating or Removing Packages

  1. Open the package manager panel and switch to the Python tab.
  2. Edit the requirements list — update versions or remove lines as needed.
  3. Click Install. The bundle regenerates automatically with the updated dependency list.

Self-Hosted Deployments

NsJail requires privileged container support (specifically the SYS_ADMIN Linux capability) to create the namespaces it uses for isolation. Most standard Docker and Kubernetes deployments support this out of the box.

However, some managed cloud platforms do not allow privileged containers:

  • AWS ECS Fargate — does not support privileged mode
  • Google Cloud Run — does not support privileged containers
  • Platforms with restrictive pod security policies — may block the required capabilities

If your deployment environment does not support NsJail, you have two options:

Option A: Bypass the sandbox

Set the following environment variable on your ToolJet server:

TOOLJET_WORKFLOW_SANDBOX_BYPASS=true

This disables NsJail and executes Python code directly on the host. Use this only when you trust all users who can create workflows, as their code will run without isolation.

danger

Running without the sandbox removes all execution restrictions. User code can access environment variables, the filesystem, and the network. Only enable this in environments where all workflow authors are trusted.

Option B: Deploy a worker with privileged access

Deploy ToolJet in worker mode on a platform that supports privileged containers (e.g., a standard Docker host or a Kubernetes cluster with appropriate security contexts), and route Python workflow execution to that worker. This lets you keep the main ToolJet deployment on a managed platform while still benefiting from sandboxed execution.


Need Help?