Skip to main content

Platform-Agnostic Security Tokens for Python (PASETO)

Project description

PyPI PyPI - License

This is an unofficial initial implementation of PASETO: Platform-Agnostic Security Tokens for Python.

This is not yet production-ready; use at your own risk.

Forked from, which was originally designed for an earlier spec of PASETO when it was still PAST.


pip install paseto


This is still in early development. It has not been reviewed in a security audit yet, so please be aware that it is not expected to be ready for use in production systems.

It currently only supports basic encrypt/decrypt of the “local” token type, V2. V1 is not as nice as V2, but we will accept a functional, clean, secure pull request for a V1 if you are interested.

No claims are processed yet. This means you have to implement json encode/decode yourself, as well as checking expiration.

    from paseto import PasetoV2
    import secrets
    my_key = secrets.token_bytes(32)
    # > b'M\xd48b\xe2\x9f\x1e\x01[T\xeaA1{Y\xd1y\xfdx\xb5\xb7\xbedi\xa3\x96!`\x88\xc2n\xaf'
    token = PasetoV2.encrypt(
    plaintext=b'plaintext is a bytes object that is encrypted',
    footer=b'footer is authenticated but not encrypted'
# > b'v2.local.ORiY6F6_uy391wB1my1LA9ANYgh7rih1bcAqswLqmuiKVaZmfmUfxB5off7gLwdHVwxc-QKIEAfEdzRNU5pHcrnefFO_aA4QQV15i_yKLyyOF9oURg.Zm9vdGVyIGlzIGF1dGhlbnRpY2F0ZWQgYnV0IG5vdCBlbmNyeXB0ZWQ'

    parsed = PasetoV2.decrypt(
            token, my_key

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

paseto-0.0.3.tar.gz (3.8 kB view hashes)

Uploaded source

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Fastly Fastly CDN Google Google Object Storage and Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page