Skip to main content

Shared-Secret Requests: A simple HTTP authentication library using shared secrets.

Project description

Shared-Secret Requests (SSR)



A simple HTTP authentication library using shared secrets.


The ssr library exposes a simple set of interfaces that facilitate server-server authentication using a shared secret. This shared secret or secret_key is used to generate a public key, using a client id and timestamp. The combination of the client id, timestamp and public key form a signature that a host server can use to verify the identity of the client server. ssr provides 3 intefaces to support that authentication workflow:

  1. ssr.Client - to help generate a public key from a shared secret key.
  2. ssr.Session - exends the requests library Session class to expose an ssr.Client and patch requests with the appropriate headers to correcly interface with ssr.BaseAuthentication
  3. ssr.BaseAuthentication - to help hosts validate requests from clients that have the same shared secret.


The scope of this project is limited to server-server authentication e.g. to support RESTful data transfer between micro-services. Logistics around managing secrets is not included in the scope of this project. For tools to manage secrets you can look into:


pip install ssr


SSR Client


Requests Session

import ssr

session = ssr.Session(

response = session.get(
    params={'q': 'auth'}

Base Authentication



Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ssr-0.1.2.tar.gz (11.0 kB view hashes)

Uploaded source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page