Alter Vault Python SDK - OAuth token management with policy enforcement
Project description
Alter SDK for Python
Official Python SDK for Alter Vault — credential and authorization layer for apps and AI agents that call third-party APIs.
Tokens stay in the vault. The SDK injects the credential, refreshes it, and writes the audit row — application code only calls vault.request() (or vault.proxy_request() when the backend should make the outgoing call instead of the SDK).
Install
pip install alter-sdk
Requires Python 3.10+.
Quick example
Make an authenticated API call — no token ever touches application code.
import asyncio
from alter_sdk import App, HttpMethod
async def main():
async with App(api_key="<api-key>") as vault:
response = await vault.request(
HttpMethod.POST,
"https://api.example.com/resource",
grant_id="<grant-id>",
json={"example": "payload"},
)
print(response.status_code, response.json())
asyncio.run(main())
For a full walkthrough — sign-up, key minting, OAuth — see the Quickstart.
Two runtime modes
The SDK exposes two ways to reach a third-party API:
vault.request(...)— retrieve mode. The SDK fetches the token from the backend and makes the outgoing call itself. Returns the third-party response.vault.proxy_request(...)— proxy mode. The backend holds the token, makes the outgoing call, and returns the result. Application code and the SDK never observe the token. Required for any grant configured with human-in-the-loop approval; available for any other grant when wire-level audit, strong token isolation, or backend-side policy enforcement matter.
See runtime modes for the tradeoffs and when to pick each.
Documentation
Full docs are at https://docs.alterauth.com.
| Topic | Page |
|---|---|
| Getting started end-to-end | Quickstart |
| The mental model | How Alter works |
| Calling APIs on behalf of users (OAuth + JWT) | Guide |
| Identity provider setup | Auth0 / Clerk / Okta / Custom OIDC |
| Provisioning backend secrets | Guide |
| Scoped credentials for AI agents | Guide |
| Human-in-the-loop approvals | Guide |
| Runtime modes (retrieve vs proxy) | Concept |
| Integrating with Claude Code (MCP) | Guide |
| Per-method API reference | Python SDK reference |
| Errors | Error reference |
License
MIT. See LICENSE.
Support
Email founders@alterauth.com or open an issue at https://github.com/alter-ai/alter-vault.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file alter_sdk-0.14.0.tar.gz.
File metadata
- Download URL: alter_sdk-0.14.0.tar.gz
- Upload date:
- Size: 152.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b0002cf6598b849b3467d7f44f458bc1f7672c542b24efe51eadaffe1316e0e4
|
|
| MD5 |
0088302f2f2d5f49d700f6271613b851
|
|
| BLAKE2b-256 |
e25690aa621d835286c5f730037b870c0b96e49ee15081dbe4d57c1f23d60ffd
|
Provenance
The following attestation bundles were made for alter_sdk-0.14.0.tar.gz:
Publisher:
python-sdk-release.yml on AlterAIDev/Alter-Vault
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
alter_sdk-0.14.0.tar.gz -
Subject digest:
b0002cf6598b849b3467d7f44f458bc1f7672c542b24efe51eadaffe1316e0e4 - Sigstore transparency entry: 1611507050
- Sigstore integration time:
-
Permalink:
AlterAIDev/Alter-Vault@bb542d96a3a8e190584a0f3f9c7b1b5e915eea94 -
Branch / Tag:
refs/tags/python-sdk-v0.14.0 - Owner: https://github.com/AlterAIDev
-
Access:
internal
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
python-sdk-release.yml@bb542d96a3a8e190584a0f3f9c7b1b5e915eea94 -
Trigger Event:
push
-
Statement type:
File details
Details for the file alter_sdk-0.14.0-py3-none-any.whl.
File metadata
- Download URL: alter_sdk-0.14.0-py3-none-any.whl
- Upload date:
- Size: 165.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
2119d7a7c092b802fb1a0eee2eefb24d0b41880c9b9711efb426af686cbfd0d9
|
|
| MD5 |
2f66635578470d4677c71ed9d3ff69ad
|
|
| BLAKE2b-256 |
311d7554dcc0d60b7cd7995fbab9992b6a23b49cd6a509ddedc9e889c16aa004
|
Provenance
The following attestation bundles were made for alter_sdk-0.14.0-py3-none-any.whl:
Publisher:
python-sdk-release.yml on AlterAIDev/Alter-Vault
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
alter_sdk-0.14.0-py3-none-any.whl -
Subject digest:
2119d7a7c092b802fb1a0eee2eefb24d0b41880c9b9711efb426af686cbfd0d9 - Sigstore transparency entry: 1611507136
- Sigstore integration time:
-
Permalink:
AlterAIDev/Alter-Vault@bb542d96a3a8e190584a0f3f9c7b1b5e915eea94 -
Branch / Tag:
refs/tags/python-sdk-v0.14.0 - Owner: https://github.com/AlterAIDev
-
Access:
internal
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
python-sdk-release.yml@bb542d96a3a8e190584a0f3f9c7b1b5e915eea94 -
Trigger Event:
push
-
Statement type: