Skip to main content

AuthSec SDK for MCP auth, services, CIBA, and SPIFFE integration

Project description

AuthSec Python SDK

Python SDK for AuthSec MCP authentication, RBAC, service access, CIBA, delegation, and SPIFFE integrations.

Install

From PyPI:

pip install authsec-sdk

For local SDK development:

cd packages/python-sdk
pip install -e ".[dev]"

Recommended Setup Flow

The default user flow is:

pip install authsec-sdk
authsec init

authsec init writes .authsec.json in the current working directory. If you choose the default setup path, it writes these prod endpoints:

  • https://prod.api.authsec.ai/sdkmgr/mcp-auth
  • https://prod.api.authsec.ai/sdkmgr/services
  • https://prod.api.authsec.ai

Use authsec config show to verify the saved configuration.

If you need localhost, staging, or self-hosted AuthSec, choose the custom path in authsec init or set explicit environment overrides.

Team Knowledge Base Flow

The intended acceptance flow matches the protected Team Knowledge Base example:

  1. pip install authsec-sdk
  2. authsec init
  3. Run your protected MCP server
  4. Confirm startup logs show the prod AuthSec endpoints by default

When the app name is Team Knowledge Base (Protected), the expected startup output is:

Auth configured: Team Knowledge Base (Protected) with client_id: 921c2209...
Auth service URL: https://prod.api.authsec.ai/sdkmgr/mcp-auth
Services URL: https://prod.api.authsec.ai/sdkmgr/services
Starting Team Knowledge Base (Protected) MCP Server on 0.0.0.0:3005
Authentication via: https://prod.api.authsec.ai/sdkmgr/mcp-auth
Services via: https://prod.api.authsec.ai/sdkmgr/services
SPIRE Workload Identity: DISABLED

Example Server

This package includes a Python MCP demo at examples/local_authsec_demo_server.py.

Run it like this:

cd packages/python-sdk
authsec init
set -a
source examples/local_authsec_demo.env.example
set +a
python examples/local_authsec_demo_server.py

By default, the example relies on .authsec.json created by authsec init. Only set AUTHSEC_AUTH_SERVICE_URL or AUTHSEC_SERVICES_URL if you intentionally want to override the prod defaults.

Testing

Install the dev extras and run tests:

cd packages/python-sdk
pip install -e ".[dev]"
pytest tests/test_config_flow.py

The existing integration tests that point at localhost remain explicit local-service tests; they are not the default user path.

Maintainer Release Flow

Build and verify locally:

cd packages/python-sdk
python -m build
python -m twine check dist/*

Smoke test the built artifact in a fresh virtualenv:

python -m venv /tmp/authsec-sdk-smoke
source /tmp/authsec-sdk-smoke/bin/activate
pip install /absolute/path/to/packages/python-sdk/dist/authsec_sdk-<version>-py3-none-any.whl
authsec init

Publish with token-based Twine auth supplied via environment variables or .pypirc, then verify in a fresh virtualenv with:

pip install authsec-sdk
authsec init

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

authsec_sdk-4.4.0.tar.gz (70.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

authsec_sdk-4.4.0-py3-none-any.whl (64.4 kB view details)

Uploaded Python 3

File details

Details for the file authsec_sdk-4.4.0.tar.gz.

File metadata

  • Download URL: authsec_sdk-4.4.0.tar.gz
  • Upload date:
  • Size: 70.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.1

File hashes

Hashes for authsec_sdk-4.4.0.tar.gz
Algorithm Hash digest
SHA256 772817a1e7ac19abf4771e260e658cb5574f72b60a52064e4fef87f597df5318
MD5 8b26f3fc2f8eb58222bafaf4740467ce
BLAKE2b-256 7a7a11dd06669e15a720664955507a484d6bdb7f05ba90c5385b4dee58ebfeab

See more details on using hashes here.

File details

Details for the file authsec_sdk-4.4.0-py3-none-any.whl.

File metadata

  • Download URL: authsec_sdk-4.4.0-py3-none-any.whl
  • Upload date:
  • Size: 64.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.1

File hashes

Hashes for authsec_sdk-4.4.0-py3-none-any.whl
Algorithm Hash digest
SHA256 3fc2cfd5a6a5d5ba6789ede707791423aac72ed09f197a254a3fc14139138d1b
MD5 7313d086bda374bade66900e7b58cb42
BLAKE2b-256 88d4a1904380687be0e4245ec173db9b967748725e8b55af7da9d4faf793cc8c

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page