Skip to main content

Okta OAuth 2.0 / OAuth 2.1 / OIDC 1.0 identity provider implementations for Swarmauri

Project description

Swarmauri Logo

PyPI - Downloads Hits PyPI - Python Version PyPI - License PyPI - swarmauri_auth_idp_okta Discord

Swarmauri Auth IDP Okta

Okta OAuth 2.0 / OAuth 2.1 / OIDC 1.0 identity providers packaged for Swarmauri deployments.

Features

  • PKCE-enabled Authorization Code flows that integrate with Okta authorization servers.
  • Machine-to-machine app clients for Okta OAuth 2.0, OAuth 2.1 (private key JWT), and OIDC 1.0.
  • Discovery-driven OAuth 2.1/OIDC login that verifies ID tokens using Okta JWKS.
  • UserInfo enrichment for deployments that require full user profile hydration.
  • Retry-aware HTTP integration tuned for Okta endpoints.
  • ComponentBase-compatible models registered under swarmauri.auth_idp entry points.

Installation

pip

pip install swarmauri_auth_idp_okta

uv (project)

uv add swarmauri_auth_idp_okta

uv (environment)

uv pip install swarmauri_auth_idp_okta

Usage

import asyncio
from pydantic import SecretBytes, SecretStr
from swarmauri_auth_idp_okta import OktaOAuth20Login

login = OktaOAuth20Login(
    issuer="https://example.okta.com/oauth2/default",
    client_id="okta-client-id",
    client_secret=SecretStr("okta-client-secret"),
    redirect_uri="https://app.example.com/callback",
    state_secret=SecretBytes(b"replace-with-random-bytes"),
)

async def run_flow() -> None:
    auth = await login.auth_url()
    print(auth["url"])
    # Redirect the browser to `auth["url"]`, then capture the callback `code` and `state`.
    # Later, call `login.exchange_and_identity(code, state)` inside your callback handler.

asyncio.run(run_flow())

Workflow Summary

  1. Call auth_url() and redirect the browser to the returned URL.
  2. Persist the state and verify it during the callback handler.
  3. Exchange the authorization code through exchange_and_identity() to obtain tokens and profile metadata.

Server-to-server client credentials

import asyncio
from pydantic import SecretStr
from swarmauri_auth_idp_okta import OktaOAuth20AppClient

client = OktaOAuth20AppClient(
    issuer="https://example.okta.com/oauth2/default",
    client_id="machine-client-id",
    client_secret=SecretStr("machine-client-secret"),
)

async def fetch_token() -> None:
    token = await client.access_token(scope="customScope")
    print(token)

asyncio.run(fetch_token())

Use OktaOAuth21AppClient when the integration should authenticate with private_key_jwt, or OktaOIDC10AppClient to rely on discovery metadata for tenant-specific token endpoints.

Entry Points

  • swarmauri.auth_idp:OktaOAuth20AppClient
  • swarmauri.auth_idp:OktaOAuth20Login
  • swarmauri.auth_idp:OktaOAuth21AppClient
  • swarmauri.auth_idp:OktaOAuth21Login
  • swarmauri.auth_idp:OktaOIDC10AppClient
  • swarmauri.auth_idp:OktaOIDC10Login

Contributing

To contribute to swarmauri-sdk, review the guidelines for contributing which cover development workflow, testing, and coding standards.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

swarmauri_auth_idp_okta-0.11.0.dev1.tar.gz (11.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

swarmauri_auth_idp_okta-0.11.0.dev1-py3-none-any.whl (16.5 kB view details)

Uploaded Python 3

File details

Details for the file swarmauri_auth_idp_okta-0.11.0.dev1.tar.gz.

File metadata

  • Download URL: swarmauri_auth_idp_okta-0.11.0.dev1.tar.gz
  • Upload date:
  • Size: 11.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.11.26 {"installer":{"name":"uv","version":"0.11.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_auth_idp_okta-0.11.0.dev1.tar.gz
Algorithm Hash digest
SHA256 11fed17a9ab28dcb51db82384eef0ce0fe5f2c60206beca721317db5a5e6fc3a
MD5 030b9fc901622faae5f3e98d25959eac
BLAKE2b-256 b824e39228e9030fc17505276a714662dc08960201f6e570b61824234d5878a7

See more details on using hashes here.

File details

Details for the file swarmauri_auth_idp_okta-0.11.0.dev1-py3-none-any.whl.

File metadata

  • Download URL: swarmauri_auth_idp_okta-0.11.0.dev1-py3-none-any.whl
  • Upload date:
  • Size: 16.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.11.26 {"installer":{"name":"uv","version":"0.11.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for swarmauri_auth_idp_okta-0.11.0.dev1-py3-none-any.whl
Algorithm Hash digest
SHA256 7980177dcb22ebc7d6dfb29822f7e847de02e6d247323d42c5855510364512cb
MD5 a6cd014d0a6b01c879581827f84caf42
BLAKE2b-256 5fd98b2839960bd352ba827a994e2c7a6cc4a338cf625f051435b353d7d352ea

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page