Python authentication example with JWT

ts_fpatterson · August 13, 2023, 10:37pm

I’m not finding an example of using Python doing an authentication with the APIs. I get a response code of 200 but the JWT validation is failing. I have mostly used legacy client libraries for OAUTH based authentications. Any examples or reference to documentation of sample code would be much appreciated.

rajeshs · August 14, 2023, 3:29am

Hi @ts_fpatterson

Below is the Python script example which will get you all the sources available.

import requests
import json

org=''
access_token=''

url = 'https://{org}.api.identitynow.com/v3/sources'
headers = {
    'Authorization': 'Bearer {access_token}',
    'cache-control': 'no-cache',
	'Content-Type': 'application/json'
}

response = requests.request("GET",url, headers=headers)

if response.status_code == 200:
    data = response.json()
  
else:
    print(f"Request for sources failed with status code: {response.status_code}")

ts_fpatterson · August 14, 2023, 11:12am

I don’t see your example working, or how you are handling JWT.
Below is my code I’m testing without any JWT in it based on your example.

import requests
import pandas as pd
import jwt
import datetime

# Set the necessary variables
tenant_id = "test-sb"
client_id = ""
client_secret = ""
base_url = f"https://{tenant_id}.api.identitynow.com"

# Get an access token
auth_url = f"{base_url}/oauth/token"
auth_data = {
    "grant_type": "client_credentials",
    "client_id": client_id,
    "client_secret": client_secret,
}
auth_response = requests.post(auth_url, data=auth_data)
print(auth_response)

#Extract the access token from the response
access_token = auth_response.json()["access_token"]
print(access_token)

# API Call to get Sources
url = f"{base_url}/v3/sources"
headers = {
    'Authorization': 'Bearer {access_token}',
    'cache-control': 'no-cache',
	'Content-Type': 'application/json'
}

response = requests.request("GET",url, headers=headers)

if response.status_code == 200:
    data = response.json()
  
else:
    print(f"Request for sources failed with status code: {response.status_code}")

Below is the output I’m getting

<Response [200]>
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0ZW5hbnRfaWQiOiJjNDcxNDA1Ny01ZGI2LTRkMjEtYTg0ZS02MDBhM2ExMjlkYzYiLCJpbnRlcm5hbCI6ZmFsc2UsInBvZCI6InN0ZzA4LXVzZWFzdDEiLCJvcmciOiJmcmVlbWFuaGVhbHRoLXNiIiwiYXV0aG9yaXRpZXMiOlsiQVBJIl0sImVuYWJsZWQiOnRydWUsImNsaWVudF9pZCI6IjQyMjhkMzViLWVhYmUtNGMzNy1hNmJjLTc5OTIzZWJlYzgzZSIsImFjY2Vzc1R5cGUiOiJPRkZMSU5FIiwic3Ryb25nX2F1dGhfc3VwcG9ydGVkIjpmYWxzZSwiY2xhaW1zX3N1cHBvcnRlZCI6ZmFsc2UsInNjb3BlIjpbIkJnQUFBQWdBQUFBQUFBUT0iXSwiZXhwIjoxNjkyMDExOTE2LCJqdGkiOiI0S2dKZmU3ZUhfcng3RGlaY05rc3IwNXNBdzQifQ.l2NBSajc-EVHsKAlZDn00n3cAOeIAuz2itDGyDJAYDU
Request for sources failed with status code: 401

rajeshs · August 14, 2023, 11:24am

Can you please let me know what is the scope of the ClientID and ClientSecret which you are using - Check if has “sp:scopes:all”
Did you check with the same payload in POSTMAN (with same clientid and secret)?

ts_fpatterson · August 14, 2023, 11:54am

yes, basing it off of my postman config, which is working. The ClientID and ClientSecret are the same as in Postman and the sp:scopes:all is being used.

When I include additional logic to print out the response content, I see the error that JWT is required.

else:
    print(f"Request for sources failed with status code: {response.status_code}")
    print("Response content:", response.text)

Request for sources failed with status code: 401
Response content: {“error”:“JWT is required”}

iam_nithesh · August 14, 2023, 12:14pm

Should this not be:

'Authorization': f'Bearer {access_token}'

?

ts_fpatterson · August 14, 2023, 12:47pm

Thank you @rajeshs and @iam_nithesh

Yes this corrected it and makes sense as to why.

Below is the example code that is working in case others are wanting sample code.

import requests


# Set the necessary variables
tenant_id = ""
client_id = ""
client_secret = ""
base_url = f"https://{tenant_id}.api.identitynow.com"

# Get an access token
auth_url = f"{base_url}/oauth/token"
auth_data = {
    "grant_type": "client_credentials",
    "client_id": client_id,
    "client_secret": client_secret,
}
auth_response = requests.post(auth_url, data=auth_data)
print(auth_response)

#Extract the access token from the response
access_token = auth_response.json()["access_token"]
print(access_token)

# API Call to get Sources
url = f"{base_url}/v3/sources"
headers = {
    'Authorization': f'Bearer {access_token}',
    'cache-control': 'no-cache',
	'Content-Type': 'application/json'
}

response = requests.request("GET",url, headers=headers)

if response.status_code == 200:
    data = response.json()
  
else:
    print(f"Request for sources failed with status code: {response.status_code}")

system · October 13, 2023, 12:48pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
403 when using the cc/api/system/refreshidentities api with Python ISC Discussion and Questions apis , identity-security-cloud	8	232	March 16, 2024
Python script to extract source using sp-config ISC Discussion and Questions	2	2372	July 19, 2023
Python SDK for IdentityNow ISC Discussion and Questions apis , identity-security-cloud	2	182	April 29, 2024
Postman configuration not working per documentation ISC Discussion and Questions identity-security-cloud , postman	10	679	August 11, 2023
Developer Templates or Guidance - for the Novice Developer ISC Discussion and Questions	3	2707	July 19, 2023

Python authentication example with JWT

Related Topics