Python SDK for Raqeb Database PAM and Secrets Management
Project description
Raqeb Python SDK
Official Python SDK for Raqeb Database PAM and Secrets Management.
Installation
pip install raqeb
Quick Start
from raqeb import RaqebClient
# Initialize client with service account API key
client = RaqebClient(api_key="sa_your_api_key_here")
# Get a secret
secret = client.get_secret("secret-id")
print(f"Secret value: {secret['value']}")
# Get temporary database credentials
creds = client.get_database_credentials(
database_id="db-id",
ttl_hours=4,
access_level="read-only"
)
print(f"Username: {creds['username']}")
print(f"Password: {creds['password']}")
print(f"Expires: {creds['expires_at']}")
# Revoke credentials when done
client.revoke_lease(creds['lease_id'])
Usage Examples
Secrets Management
from raqeb import RaqebClient
client = RaqebClient(api_key="sa_your_key")
# Retrieve a secret
secret = client.get_secret("api-key-prod")
api_key = secret['value']
# Use the secret in your application
import requests
response = requests.get(
"https://api.example.com/data",
headers={"Authorization": f"Bearer {api_key}"}
)
Database Access
from raqeb import RaqebClient
import psycopg2
client = RaqebClient(api_key="sa_your_key")
# Get temporary database credentials
creds = client.get_database_credentials(
database_id="prod-postgres",
ttl_hours=2,
access_level="read-only"
)
# Connect to database
conn = psycopg2.connect(
host="db.example.com",
port=5432,
database="myapp",
user=creds['username'],
password=creds['password']
)
try:
# Use the connection
cursor = conn.cursor()
cursor.execute("SELECT * FROM users LIMIT 10")
results = cursor.fetchall()
finally:
conn.close()
# Revoke credentials
client.revoke_lease(creds['lease_id'])
Context Manager
from raqeb import RaqebClient
# Use context manager for automatic cleanup
with RaqebClient(api_key="sa_your_key") as client:
secret = client.get_secret("secret-id")
print(secret['value'])
API Key Management
from raqeb import RaqebClient
client = RaqebClient(api_key="sa_your_key")
# List API keys
keys = client.list_api_keys()
for key in keys:
print(f"{key['name']}: {key['key_prefix']}...")
# Create new API key
new_key = client.create_api_key(
name="CI/CD Pipeline",
scopes=["secrets:read", "databases:read"],
description="Key for automated deployments"
)
print(f"New API Key: {new_key['api_key']}") # Save this!
# Delete API key
client.delete_api_key("key-id")
Error Handling
from raqeb import RaqebClient, AuthenticationError, PermissionError, NotFoundError
client = RaqebClient(api_key="sa_your_key")
try:
secret = client.get_secret("secret-id")
except AuthenticationError:
print("Invalid or expired API key")
except PermissionError:
print("Insufficient permissions - check API key scopes")
except NotFoundError:
print("Secret not found")
except RaqebError as e:
print(f"API error: {e}")
API Reference
RaqebClient
__init__(api_key, base_url="https://app.raqeb.cloud/api/v1")
Initialize the client.
get_secret(secret_id) -> dict
Retrieve a secret value.
Returns:
{
'secret_id': 'secret-123',
'name': 'API Key',
'value': 'secret-value',
'retrieved_at': '2026-02-14T16:09:00Z'
}
get_database_credentials(database_id, ttl_hours=4, access_level='read-only') -> dict
Generate temporary database credentials.
Parameters:
database_id(str): Database IDttl_hours(int): Time to live in hours (default: 4)access_level(str): 'read-only', 'read-write', or 'admin'
Returns:
{
'lease_id': 'lease-123',
'username': 'temp_user_abc',
'password': 'temp_pass_xyz',
'database_id': 'db-123',
'access_level': 'read-only',
'issued_at': '2026-02-14T16:09:00Z',
'expires_at': '2026-02-14T20:09:00Z',
'ttl_seconds': 14400
}
revoke_lease(lease_id) -> None
Revoke a dynamic secret lease.
list_api_keys() -> list
List user's API keys.
create_api_key(name, description=None, scopes=None, expires_at=None) -> dict
Create a new API key.
delete_api_key(key_id) -> None
Delete an API key.
Environment Variables
You can use environment variables for configuration:
import os
from raqeb import RaqebClient
client = RaqebClient(
api_key=os.getenv('RAQEB_API_KEY'),
base_url=os.getenv('RAQEB_BASE_URL', 'https://app.raqeb.cloud/api/v1')
)
Best Practices
- Never hardcode API keys - Use environment variables
- Use minimal scopes - Only grant necessary permissions
- Set appropriate TTLs - Use shortest time needed
- Always revoke leases - Clean up credentials when done
- Handle errors gracefully - Catch and handle SDK exceptions
- Use context managers - Automatic resource cleanup
License
MIT License - see LICENSE file for details
Support
- Documentation: https://docs.raqeb.cloud
- Email: support@raqeb.cloud
- GitHub: https://github.com/raqeb/python-sdk
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
raqeb-1.0.0.tar.gz
(5.3 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
raqeb-1.0.0-py3-none-any.whl
(6.0 kB
view details)
File details
Details for the file raqeb-1.0.0.tar.gz.
File metadata
- Download URL: raqeb-1.0.0.tar.gz
- Upload date:
- Size: 5.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.25
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ef0cfeb82fe1f2129240012e5c72e9da1808ef7a530b9debcef19d62a340f093
|
|
| MD5 |
be54e9399ef032632645d28970f73a33
|
|
| BLAKE2b-256 |
a18fa8855b4a10b438b041e63ce7a9d16c98cc371793227a60ee7983b5c547b9
|
File details
Details for the file raqeb-1.0.0-py3-none-any.whl.
File metadata
- Download URL: raqeb-1.0.0-py3-none-any.whl
- Upload date:
- Size: 6.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.25
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
bdf00a7079173012f039194359b4dc90c8d941d59fb6f96e266c412ae90f72ea
|
|
| MD5 |
aa73b6e08902e8441f3eaebbcb4b5b8a
|
|
| BLAKE2b-256 |
077b2722671277b462b0105576fb78e177af61a966c97a20277699edd450d9e5
|
