Python SDK Authentication

This section guides you through the process of authenticating your requests when using the Python SDK. Proper authentication is crucial for accessing protected resources and ensuring the security of your data.

API Keys

API Keys are the simplest and most common method for authenticating with our service. You can generate an API Key from your developer dashboard.

Once you have your API Key, you can use it to authenticate your SDK client. The SDK will automatically include your API Key in the request headers.

Important: Treat your API Keys like passwords. Do not share them publicly or embed them directly in client-side code. Store them securely using environment variables or a secrets management system.

Using an API Key with the SDK


import your_sdk_library

# It's highly recommended to use environment variables for your API key
api_key = os.environ.get("YOUR_API_KEY")

if not api_key:
    raise ValueError("Please set the YOUR_API_KEY environment variable.")

client = your_sdk_library.Client(api_key=api_key)

# Now you can make authenticated requests
# response = client.some_resource.get()

Example API Key

sk_test_your_secret_api_key_12345 Copied!

OAuth 2.0

For more complex scenarios or when you need to access resources on behalf of a user, OAuth 2.0 provides a secure and standardized authorization framework.

The Python SDK supports the OAuth 2.0 Authorization Code Grant flow. You'll need to register your application with us to obtain a Client ID and Client Secret.

OAuth 2.0 Flow Overview

  1. Authorization Request: Redirect the user to our authorization server to grant your application permission.
  2. Authorization Code: The authorization server redirects the user back to your application with an authorization code.
  3. Token Exchange: Exchange the authorization code for an access token and a refresh token.
  4. API Access: Use the access token to make authenticated requests to our API.

Implementing OAuth 2.0

You can use popular Python libraries like requests-oauthlib to implement the OAuth 2.0 flow. The SDK client can then be initialized with the obtained access token.


from your_sdk_library import Client
from requests_oauthlib import OAuth2Session

# Assume you have obtained client_id, client_secret, and authorization_url
# from your application's registration.

oauth = OAuth2Session(client_id=client_id)
authorization_url, state = oauth.authorization_url(authorization_endpoint)

# Redirect user to authorization_url
# ... after user grants permission, they are redirected back with a code ...

# Exchange the authorization code for a token
token = oauth.fetch_token(
    token_url,
    authorization_response=redirect_response,
    client_secret=client_secret,
)

# Initialize the SDK client with the access token
client = Client(access_token=token['access_token'])

# Now you can make authenticated requests
# response = client.some_resource.get()

Token Management

Access tokens expire. You'll need to implement logic to refresh your access token using the refresh token when it becomes invalid. The requests-oauthlib library can assist with this.