Official Python client for the ISMS platform (isms.sh)
Project description
isms
Official Python client for the ISMS platform.
ISMS is the open Information Security Management System that keeps policies,
controls, risks, suppliers, incidents, and evidence in one place with a
scriptable API. This library gives you the same surface as the isms CLI and
the Go client, from Python, so you can seed data, automate audits, and build
custom dashboards without touching the web UI.
Install
pip install isms-sdk
The distribution is isms-sdk; you import it as isms:
from isms import IsmsClient
Requires Python 3.10 or later.
Configure
Point the client at your ISMS deployment and give it an API token:
export ISMS_API_URL=https://your-org.isms.sh
export ISMS_API_TOKEN=<api-token>
# Only needed for a multi-org token on a bare domain; a subdomain URL
# (https://your-org.isms.sh) already selects the org server-side.
export ISMS_ORGANIZATION_UUID=<org-uuid>
Create the token from an admin session with isms server api-key create
(CLI) or from the web UI. If your deployment sits behind Cloudflare Access,
also set CF_ACCESS_CLIENT_ID and CF_ACCESS_CLIENT_SECRET.
If you already have an ISMS env file (KEY=VALUE per line, the same format
the CLI reads), point ISMS_ENV at it and the client will load it for you:
export ISMS_ENV=/path/to/isms.env
Quickstart
from isms import IsmsClient
client = IsmsClient.from_env()
# Confirm the token
print(client.whoami.get())
# Add a supplier
supplier = client.suppliers.add({
"name": "MaintMaster",
"supplier_type": "saas",
"criticality": "high",
"data_access": True,
"notes": "CMMS platform used across terminals.\n\n## Services\nMaintenance planning and work orders.",
})
print(supplier["identifier"], supplier["name"])
# Add a risk that came out of a leadership review
risk = client.risks.add({
"title": "Environmental and sustainability governance gap",
"description": "CSRD scope maturing; no environmental policy in the IMS.",
"risk_type": "threat",
"origin": "external",
"category": "grc",
"current_likelihood": 3,
"current_impact": 3,
"treatment": "mitigate",
"status": "open",
})
# Record the event that surfaced the risk, and link them
event = client.incidents.create(
{
"title": "External stakeholder feedback on ESG governance",
"description": "Financier lunch briefing raised ESG position and CSRD readiness.",
"severity": "low",
"source": "external",
"incident_type": "event",
},
references=[{"type": "risk", "id": risk["identifier"]}],
)
# Track the treatment as a corrective action
ca = client.correctives.create({
"title": "Publish substantive public sustainability page",
"description": "Dedicated /sustainability page on stsplatform.com.",
"source": "feedback",
"severity": "observation",
})
# Explicit reference between the CA and the risk (in case the create-time
# reference flags are not yet available in your ISMS version).
client.references.create(
source_type="corrective_action",
source_id=str(ca["id"]),
target_type="risk",
target_id=risk["identifier"],
)
Resources
Each entity register is exposed as a namespace on the client:
| Namespace | Purpose |
|---|---|
client.suppliers |
Supplier register |
client.risks |
Risk register |
client.incidents |
Incidents and events register |
client.correctives |
Corrective actions |
client.tasks |
Task register |
client.references |
Cross-entity references |
client.documents |
Document library |
client.whoami |
Identity of the current API token |
All resources expose list() and, where the API supports it, get(id),
add(data) / create(data), update(id, data), and delete(id).
Errors
All errors inherit from isms.IsmsError:
IsmsAuthError— 401/403IsmsNotFoundError— 404IsmsValidationError— 400/422IsmsHTTPError— other non-2xx responses
Development
git clone https://github.com/unidoc/isms-python
cd isms-python
python -m venv .venv && source .venv/bin/activate
pip install -e ".[dev]"
pytest
Licence
Apache 2.0. See LICENSE.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file isms_sdk-0.1.0.tar.gz.
File metadata
- Download URL: isms_sdk-0.1.0.tar.gz
- Upload date:
- Size: 13.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ba01c829b015931826f4dc78a364786ca63d716c811d4a5ded890ad97fa2fdca
|
|
| MD5 |
c7b1faa3502c8c91816c3ef24224155e
|
|
| BLAKE2b-256 |
ceb27591229cd770e2d97c430027f59f654cdfd48289ff954764fc970f0b511a
|
Provenance
The following attestation bundles were made for isms_sdk-0.1.0.tar.gz:
Publisher:
release.yml on unidoc/isms-python
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
isms_sdk-0.1.0.tar.gz -
Subject digest:
ba01c829b015931826f4dc78a364786ca63d716c811d4a5ded890ad97fa2fdca - Sigstore transparency entry: 2107032825
- Sigstore integration time:
-
Permalink:
unidoc/isms-python@19ab06b0e855ad1b926dcedf85b201f17282d7da -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/unidoc
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@19ab06b0e855ad1b926dcedf85b201f17282d7da -
Trigger Event:
push
-
Statement type:
File details
Details for the file isms_sdk-0.1.0-py3-none-any.whl.
File metadata
- Download URL: isms_sdk-0.1.0-py3-none-any.whl
- Upload date:
- Size: 13.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f2d4db1152b41d7e914b366c2ad36a8c651fa4393753ebae32846675c55e74e7
|
|
| MD5 |
7c1e9a6f4af24ceb1636fc7a3cbbe842
|
|
| BLAKE2b-256 |
1c913b8047327e2f4a5d84fb1c4546a2b4bf3ea986f0a557ee74167ead63c0c6
|
Provenance
The following attestation bundles were made for isms_sdk-0.1.0-py3-none-any.whl:
Publisher:
release.yml on unidoc/isms-python
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
isms_sdk-0.1.0-py3-none-any.whl -
Subject digest:
f2d4db1152b41d7e914b366c2ad36a8c651fa4393753ebae32846675c55e74e7 - Sigstore transparency entry: 2107032913
- Sigstore integration time:
-
Permalink:
unidoc/isms-python@19ab06b0e855ad1b926dcedf85b201f17282d7da -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/unidoc
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@19ab06b0e855ad1b926dcedf85b201f17282d7da -
Trigger Event:
push
-
Statement type: