Skip to main content

A Python toolset for the RSA ID Plus cloud authentication platform

Project description

PyDPlus

A Python toolset for the RSA® ID Plus cloud authentication platform.

Latest Stable Release PyPI
Latest Pre-release PyPI
Supported Versions (Stable Release) PyPI - Python Versions Supported (Stable Release)
Commits Since Latest Release GitHub commits since latest release
Build Status GitHub Workflow Status
Code Coverage Codecov - Code Coverage
Documentation Documentation Status
Security Audits Bandit
License License (GitHub)
Issues Issues (GitHub)
Pull Requests Pull Requests (GitHub)

Installation

[!IMPORTANT] PyDPlus 2.0.0 and newer require Python 3.12+.
PyDPlus 1.0.1 is the final release line that supports Python 3.9.

Install from PyPI:

python -m pip install --upgrade pydplus

Install from source:

git clone https://github.com/jeffshurtliff/pydplus.git
cd pydplus
poetry install

Changelog

The changelog can be found in the documentation.

Usage

PyDPlus is designed for Python-based administration workflows in RSA ID Plus tenants, including:

  • user lifecycle automation (lookup, disable, mark for deletion)
  • admin reporting and audit integrations
  • helpdesk and identity-operations scripting

1) Import the package

from pydplus import PyDPlus, constants as const

2) Instantiate the client (OAuth example)

pydplus.PyDPlus supports both OAuth and Legacy credentials. OAuth (Private Key JWT) is recommended for new usage.

from pydplus import PyDPlus, constants as const

OAUTH_SCOPE = [
    const.OAUTH_SCOPES.USER_READ,
    const.OAUTH_SCOPES.USER_MANAGE,
]

pydp = PyDPlus(
    connection_type="oauth",
    base_admin_url="https://example-company.access.securid.com",
    oauth_client_id="XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
    oauth_private_key="/path/to/oauth-private-key.jwk",
    oauth_scope=OAUTH_SCOPE,
)

Legacy API authentication is also supported. See the Authentication guide for both patterns.

3) Define OAuth scopes (three practical options)

  1. Configure default scope permissions in the OAuth client settings in the RSA Cloud Administration Console.
  2. Define scopes explicitly in your code/helper/env configuration (manual string values or constants like const.OAUTH_SCOPES.USER_READ grouped in an OAUTH_SCOPE variable).
  3. Use scope presets to apply scope bundles (for example user_read_only or group_read_only) via oauth_scope_preset (argument), connection.oauth.scope_preset (helper setting), or PYDPLUS_OAUTH_SCOPE_PRESET (environment variable).

In PyDPlus, keep oauth_scope explicitly defined (directly, helper file, or environment variable) so token requests remain deterministic and validated.

Presets are additive and merged with explicit scopes:

pydp = PyDPlus(
    connection_type="oauth",
    base_admin_url="https://example-company.access.securid.com",
    oauth_client_id="XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
    oauth_private_key="/path/to/oauth-private-key.jwk",
    oauth_scope=const.OAUTH_SCOPES.USER_MANAGE,
    oauth_scope_preset=("user_read_only", "group_read_only"),
)

4) Run an API operation

user_id = pydp.users.get_user_id(email="john.doe@example.com")
response = pydp.users.disable_user(user_id=user_id)

For deeper coverage, see:

Documentation

The documentation is located here: https://pydplus.readthedocs.io/en/stable/

License

MIT License

Reporting Issues

Issues can be reported within the GitHub repository.

Contributing

Contributions are welcome and appreciated, including bug fixes, documentation improvements, tests, and feature work. For full contribution requirements and workflows, please see CONTRIBUTING.md.

Development Quality Checks

This repository uses Ruff for linting, import sorting, and formatting. The standard maximum line length for this package is 130 characters.

Line-length exceptions should be rare and limited to comments or special cases where wrapping harms readability. When an exception is required, use a targeted per-line # noqa: E501 comment.

poetry run ruff check .
poetry run ruff check . --fix
poetry run ruff format .
poetry run ruff format . --check

These checks are enforced in CI via .github/workflows/ci.yml.

Donations

If you would like to donate to this project then you can do so using this PayPal link.

Disclaimer

This package is considered unofficial and is in no way endorsed or supported by RSA Security LLC.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pydplus-2.0.0.tar.gz (62.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

pydplus-2.0.0-py3-none-any.whl (68.2 kB view details)

Uploaded Python 3

File details

Details for the file pydplus-2.0.0.tar.gz.

File metadata

  • Download URL: pydplus-2.0.0.tar.gz
  • Upload date:
  • Size: 62.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.5

File hashes

Hashes for pydplus-2.0.0.tar.gz
Algorithm Hash digest
SHA256 eb3af2055a86aa0aa4f311dcf087b24336fe5c625846aeaae4855358a36693c4
MD5 282e15216b3c81bf0982911626c418e4
BLAKE2b-256 c9b527c75a87a6b316d51a608ba3020017865c8b0b12bc18b9c2f281c4aa1c59

See more details on using hashes here.

File details

Details for the file pydplus-2.0.0-py3-none-any.whl.

File metadata

  • Download URL: pydplus-2.0.0-py3-none-any.whl
  • Upload date:
  • Size: 68.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.5

File hashes

Hashes for pydplus-2.0.0-py3-none-any.whl
Algorithm Hash digest
SHA256 8c9b96827176bb1c01863e27825a5493c6165c9ff5b8de4e422e091d3ebd8cd9
MD5 350195ae4103206dd5838624d0f3c858
BLAKE2b-256 b4505bd5bd2f39cd9fdacfc857fa7b5cf06acdd5ddd71ab2e99566051de243bf

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page