Skip to main content

AuthSec SDK for MCP auth, services, CIBA, and SPIFFE integration

Project description

AuthSec Python SDK

Python SDK for AuthSec MCP authentication, RBAC, service access, CIBA, delegation, and SPIFFE integrations.

Install

From PyPI:

pip install authsec-sdk

For local SDK development:

cd packages/python-sdk
pip install -e ".[dev]"

Recommended Setup Flow

The default user flow is:

pip install authsec-sdk
authsec init

authsec init writes .authsec.json in the current working directory. If you choose the default setup path, it writes these prod endpoints:

  • https://prod.api.authsec.ai/sdkmgr/mcp-auth
  • https://prod.api.authsec.ai/sdkmgr/services
  • https://prod.api.authsec.ai

Use authsec config show to verify the saved configuration.

If you need localhost, staging, or self-hosted AuthSec, choose the custom path in authsec init or set explicit environment overrides.

Team Knowledge Base Flow

The intended acceptance flow matches the protected Team Knowledge Base example:

  1. pip install authsec-sdk
  2. authsec init
  3. Run your protected MCP server
  4. Confirm startup logs show the prod AuthSec endpoints by default

When the app name is Team Knowledge Base (Protected), the expected startup output is:

Auth configured: Team Knowledge Base (Protected) with client_id: 921c2209...
Auth service URL: https://prod.api.authsec.ai/sdkmgr/mcp-auth
Services URL: https://prod.api.authsec.ai/sdkmgr/services
Starting Team Knowledge Base (Protected) MCP Server on 0.0.0.0:3005
Authentication via: https://prod.api.authsec.ai/sdkmgr/mcp-auth
Services via: https://prod.api.authsec.ai/sdkmgr/services
SPIRE Workload Identity: DISABLED

Example Server

This package includes a Python MCP demo at examples/local_authsec_demo_server.py.

Run it like this:

cd packages/python-sdk
authsec init
set -a
source examples/local_authsec_demo.env.example
set +a
python examples/local_authsec_demo_server.py

By default, the example relies on .authsec.json created by authsec init. Only set AUTHSEC_AUTH_SERVICE_URL or AUTHSEC_SERVICES_URL if you intentionally want to override the prod defaults.

Testing

Install the dev extras and run tests:

cd packages/python-sdk
pip install -e ".[dev]"
pytest tests/test_config_flow.py

The existing integration tests that point at localhost remain explicit local-service tests; they are not the default user path.

Maintainer Release Flow

Build and verify locally:

cd packages/python-sdk
python -m build
python -m twine check dist/*

Smoke test the built artifact in a fresh virtualenv:

python -m venv /tmp/authsec-sdk-smoke
source /tmp/authsec-sdk-smoke/bin/activate
pip install /absolute/path/to/packages/python-sdk/dist/authsec_sdk-<version>-py3-none-any.whl
authsec init

Publish with token-based Twine auth supplied via environment variables or .pypirc, then verify in a fresh virtualenv with:

pip install authsec-sdk
authsec init

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

authsec_sdk-4.4.2.tar.gz (70.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

authsec_sdk-4.4.2-py3-none-any.whl (65.1 kB view details)

Uploaded Python 3

File details

Details for the file authsec_sdk-4.4.2.tar.gz.

File metadata

  • Download URL: authsec_sdk-4.4.2.tar.gz
  • Upload date:
  • Size: 70.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.1

File hashes

Hashes for authsec_sdk-4.4.2.tar.gz
Algorithm Hash digest
SHA256 d7821a2181b8858fc33fc4cce7f50e11338131ba559b77e74e0981b179296da5
MD5 52a08b9254d804a58401d68c8fc6b60c
BLAKE2b-256 631dd0eca3a642584c52e5b7138696a4f1e05c1402ce858618cc09bd55492505

See more details on using hashes here.

File details

Details for the file authsec_sdk-4.4.2-py3-none-any.whl.

File metadata

  • Download URL: authsec_sdk-4.4.2-py3-none-any.whl
  • Upload date:
  • Size: 65.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.1

File hashes

Hashes for authsec_sdk-4.4.2-py3-none-any.whl
Algorithm Hash digest
SHA256 98b64c8972e8dba31187a4941ea6d2782eedeff6c00fbf553b421abc3b7e840c
MD5 d29026b3a643bf7cb1a234be46f77326
BLAKE2b-256 15d5002b0ba8b3b37a778ff348dd9a3b460a616b68560cadcacaa80fc5eddeaa

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page