
I was chatting with my good friend over at Swimlane, Kevin Mata, about ways to secure my Python code where I have credentials stored. He suggested tools like BitWarden, Vault by Hashicorp, and others. But if you want to keep it simple and still secure, check out “keyring”. Thanks for pointing me in that direction.

Introduction

When working with APIs, handling authentication credentials securely is paramount. Hardcoding passwords directly into your scripts is a significant security risk. Luckily, Python offers solutions to manage your credentials securely. In this tutorial, we’ll focus on using the keyring library for secure storage of credentials and the popular requests library for making HTTP requests.

Prerequisites

Before we begin, ensure you have the following installed:

  • Python (3.x preferred)
  • requests library (pip install requests)
  • keyring library (pip install keyring)

Getting Started

Suppose we have an API endpoint that requires “basic auth” authentication. We’ll demonstrate how to securely authenticate with this API using keyring and requests.

Step 1: Installing Dependencies

First, let’s install the necessary libraries:

pip install requests keyring

Step 2: Creating a Keyring via Command Line Interface (CLI)

Using keyring Command:

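You can store a credential using the keyring command followed by the set option:

keyring set rtr1 username
keyring set rtr1 password

Here rtr1 is the service name, and username and password are the entry names stored under it. Each command prompts for the value to store, so the secret is not typed on the command line and does not end up in your shell history.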

If you have OAuth credentials, you can add as many entries as you want to rtr1 or to any other namespace you choose.

Step 3: Examples of Using Keyring in Python

Getting your Credentials

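import keyring

# Look up the entries stored under the "rtr1" service
# (get_password returns None when no entry exists)
username = keyring.get_password("rtr1", "username")
password = keyring.get_password("rtr1", "password")

print("Username:", username)
# Confirm the password was found without echoing the secret to the terminal
print("Password found:", password is not None)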

Step 4: Let’s put it all together

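import requests
import json
import keyring
from requests.auth import HTTPBasicAuth

# Retrieve credentials securely from keyring
username = keyring.get_password("rtr1", "username")
password = keyring.get_password("rtr1", "password")
# Pass the retrieved values, not the literal strings "username" and "password"
basic = HTTPBasicAuth(username, password)

# API endpoint URL (requests needs an explicit scheme; HTTPS keeps the
# basic auth header from being sent in clear text)
url = "https://10.20.32.160/wapi/v2.5/member"

headers = {
  'Content-Type': 'application/json'
}

# Request body: an empty JSON object as a placeholder, replace with what your API expects
payload = json.dumps({})

# Make POST request to authenticate
response = requests.post(url, headers=headers, data=payload, auth=basic, timeout=10)

# Print response
print(response.text)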

What is the code doing?

  • We import the necessary libraries: requests, json, and keyring.
  • Using keyring, we securely retrieve the username and password from the system’s keyring store.
  • We define the API endpoint URL, the headers and the request payload, and pass the credentials to HTTPBasicAuth.
  • The requests.post() method is used to send the authentication request to the API.
  • Finally, we print the response from the API.
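
keyring.get_password() returns None when an entry is missing, so the script above would send a request without usable credentials if the rtr1 entries were never created. The helper below is an added example, not part of the original post: it stops with a clear error instead, and keeps the password out of repr() and log output. The names load_credentials, BasicCredentials and MissingCredentialError are hypothetical.

```python
from dataclasses import dataclass, field
from typing import Callable, Optional


class MissingCredentialError(RuntimeError):
    """Raised when the keyring has no entry for a required field."""


@dataclass(frozen=True)
class BasicCredentials:
    username: str
    password: str = field(repr=False)  # keep the secret out of repr() and logs

    def as_auth(self):
        # requests accepts a (username, password) tuple for HTTP Basic auth
        return (self.username, self.password)


def load_credentials(
    service: str,
    get_password: Optional[Callable[[str, str], Optional[str]]] = None,
) -> BasicCredentials:
    """Fetch the "username" and "password" entries for `service`, failing closed."""
    if get_password is None:
        import keyring  # imported lazily so a stub lookup can be passed in tests
        get_password = keyring.get_password

    values = {}
    for name in ("username", "password"):
        value = get_password(service, name)
        # None (no entry) or an empty string are both treated as missing
        if not value:
            raise MissingCredentialError(
                f"no '{name}' stored for service '{service}'; "
                f"run: keyring set {service} {name}"
            )
        values[name] = value
    return BasicCredentials(**values)


if __name__ == "__main__":
    creds = load_credentials("rtr1")  # service name used in this tutorial
    print(creds)                      # shows the username only
    # then: requests.post(url, ..., auth=creds.as_auth())
```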

Conclusion

In this tutorial, we’ve explored how to securely manage API authentication credentials in Python using the keyring library. By storing credentials in the system’s keyring, we avoid exposing sensitive information in our scripts. Additionally, we demonstrated how to make authenticated API requests using the requests library. This approach enhances the security of your Python applications while maintaining convenience and ease of use.

Now you can confidently authenticate with APIs without compromising security!