Python library for retrieving Keycloak access tokens interactively
Project description
obi-auth
obi-auth is a library for retrieving Keycloak access tokens interactively. It helps developers and testers quickly authenticate against Keycloak without writing scripts or configuring complex clients.
[!CAUTION] obi-auth is designed to be used interactively and should not be used within a service or application.
Installation
Basic Installation
pip install obi-auth
Notebook Support
For enhanced Jupyter notebook support with Rich display integration:
pip install obi-auth[notebook]
This installs rich which provides better rendering in Jupyter notebooks.
Examples
from obi_auth import get_token
access_token = get_token(environment="staging")
CLI
After installation, the obi-auth command is available. Run obi-auth --help for the full list of commands and options.
get-token
Authenticate and print the access token to stdout. Output is a single token string, suitable for piping into other commands.
obi-auth get-token
obi-auth get-token -e production -m daf
obi-auth get-token --force-refresh
| Option | Description |
|---|---|
-e, --environment |
Target environment: staging (default) or production |
-m, --auth-mode |
Authentication method: pkce (default) or daf |
--force-refresh |
Clear the cached token and authenticate again |
decode-token
Decode a JWT and print the payload as indented JSON. Pass the token as an argument or via stdin.
obi-auth decode-token eyJhbGciOi...
obi-auth get-token | obi-auth decode-token
obi-auth get-token | obi-auth decode-token | jq -r '.sub'
get-user-info
Authenticate, fetch user info from Keycloak, and print the result as indented JSON.
obi-auth get-user-info
obi-auth get-user-info -e production -m daf
obi-auth get-user-info --force-refresh
obi-auth get-user-info | jq -r '.sub'
| Option | Description |
|---|---|
-e, --environment |
Target environment: staging (default) or production |
-m, --auth-mode |
Authentication method: pkce (default) or daf |
--force-refresh |
Clear the cached token and authenticate again |
Global options
| Option | Description |
|---|---|
--log-level |
Logging level: DEBUG, INFO, WARNING (default), ERROR, CRITICAL |
License
Copyright (c) 2025 Open Brain Institute
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file obi_auth-1.1.0.tar.gz.
File metadata
- Download URL: obi_auth-1.1.0.tar.gz
- Upload date:
- Size: 26.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
8519607bfd39b89f1e7ef4ba36ba9d901e30e81d260da22f2681d221c8b1f452
|
|
| MD5 |
945935b0e8d28f98b2a6381e761b81f8
|
|
| BLAKE2b-256 |
4219a795b8f3884ffa871171a48f71ba495c4ef430607d60a6c743641c129ad6
|
Provenance
The following attestation bundles were made for obi_auth-1.1.0.tar.gz:
Publisher:
sdist.yml on openbraininstitute/obi-auth
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
obi_auth-1.1.0.tar.gz -
Subject digest:
8519607bfd39b89f1e7ef4ba36ba9d901e30e81d260da22f2681d221c8b1f452 - Sigstore transparency entry: 1967816457
- Sigstore integration time:
-
Permalink:
openbraininstitute/obi-auth@dcb177c5b66b0db9da79f4fd24f1e58008916958 -
Branch / Tag:
refs/tags/v1.1.0 - Owner: https://github.com/openbraininstitute
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
sdist.yml@dcb177c5b66b0db9da79f4fd24f1e58008916958 -
Trigger Event:
release
-
Statement type: