SynAuth SDK — Biometric approval for AI agent actions via Face ID
Project description
SynAuth SDK
Python SDK for AI agents to request biometric-approved actions. Every sensitive action your AI agent takes — sending emails, making purchases, accessing data, signing contracts — goes through Face ID verification on your iPhone.
Install
pip install synauth
Quick Start
from synauth import SynAuthClient
client = SynAuthClient(api_key="aa_your_key_here")
# Request approval for an action
result = client.request_action(
action_type="communication",
title="Send quarterly report",
description="Email to investor@example.com with Q4 results",
risk_level="low",
)
# Wait for Face ID approval
status = client.wait_for_result(result["id"])
if status["status"] == "approved":
send_email(...)
How It Works
- Your AI agent calls
request_action()(or a convenience method likerequest_email()) - SynAuth sends a push notification to the user's iPhone
- The user verifies with Face ID
- The agent polls for the result — or receives a webhook callback
- If using the credential vault, SynAuth executes the action with stored credentials
Credential Vault
The agent can't bypass what it can't access. Store your API credentials in SynAuth's vault. The agent requests actions through the SDK — SynAuth injects the real credentials after biometric approval. The agent never sees your API keys.
# Discover available services
services = client.list_vault_services()
# Execute an API call through the vault (biometric-gated)
result = client.execute_api_call(
service_name="openai",
method="POST",
url="https://api.openai.com/v1/chat/completions",
body='{"model": "gpt-4", "messages": [{"role": "user", "content": "Hello"}]}',
)
Convenience Methods
# Email
client.request_email(recipient="team@co.com", subject="Update", preview="Q4 numbers")
# Purchase
client.request_purchase(amount=49.99, merchant="DigitalOcean", description="3x droplets")
# Booking
client.request_booking(title="Team lunch", description="12pm at Nobu", amount=850.00)
# Social media
client.request_post(platform="Twitter", content_preview="Announcing our Series A...")
# Data access
client.request_data_access(resource="production-db", reason="Monthly analytics export")
# Legal
client.request_contract(title="NDA with Acme Corp", description="Standard mutual NDA")
Payment-Only Wrapper
For agents that only need payment authorization:
from synauth.pay import SynPayClient
client = SynPayClient(api_key="aa_your_key_here")
request = client.request_payment(
amount=29.99,
merchant="OpenAI",
description="GPT-5 API credits",
)
status = client.wait_for_result(request["id"])
Error Handling
from synauth import (
SynAuthClient,
SynAuthError,
SynAuthAPIError,
RateLimitError,
ActionDeniedError,
ActionExpiredError,
VaultExecutionError,
)
client = SynAuthClient(api_key="aa_...")
try:
result = client.execute_api_call(
service_name="github",
method="POST",
url="https://api.github.com/repos",
body='{"name": "new-repo"}',
)
except ActionDeniedError as e:
print(f"User denied: {e.reason}")
except ActionExpiredError as e:
print(f"Request expired: {e.request_id}")
except RateLimitError:
print("Rate limited — back off and retry")
except VaultExecutionError as e:
print(f"Vault execution failed: {e.detail}")
except SynAuthAPIError as e:
print(f"API error {e.status_code}: {e.detail}")
Spending Limits
Check your agent's spending against configured limits before making purchases:
summary = client.get_spending_summary()
for s in summary["summaries"]:
print(f"{s['action_type']} ({s['period']}): ${s['spent']:.2f} / ${s['limit']:.2f}")
History
Review past action requests:
history = client.get_history(limit=10, status="approved")
for action in history["actions"]:
print(f"{action['title']} — {action['status']}")
Webhook Callbacks
Receive status updates without polling:
result = client.request_action(
action_type="purchase",
title="Buy API credits",
amount=100.00,
callback_url="https://your-server.com/webhook/synauth",
)
# SynAuth will POST to callback_url when the user approves or denies
Configuration
| Parameter | Default | Description |
|---|---|---|
api_key |
(required) | Your SynAuth API key (aa_...) |
base_url |
https://synauth.fly.dev |
SynAuth backend URL (override for self-hosted) |
Also Available
- synauth-mcp — MCP server for Claude and other MCP-compatible agents
- SynAuth iOS App — Face ID approval on your iPhone
License
MIT
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file synauth-0.1.1.tar.gz.
File metadata
- Download URL: synauth-0.1.1.tar.gz
- Upload date:
- Size: 7.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
4852bef3923c71eaed2736b065b912c4dcc9a30f274fd128e5d60c99267d0ef0
|
|
| MD5 |
925157cd09f7147f1108bca622fbc7ce
|
|
| BLAKE2b-256 |
471a7f875fe02345bed8a7abd467432a78af915435f2ba3f4f4394dc2b45879e
|
File details
Details for the file synauth-0.1.1-py3-none-any.whl.
File metadata
- Download URL: synauth-0.1.1-py3-none-any.whl
- Upload date:
- Size: 8.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1d193fcc7f7c42be155959f81811e18accbc8199cddc5e7bb78380c38f6a7d76
|
|
| MD5 |
fe511819455080edf47e706b1195e468
|
|
| BLAKE2b-256 |
6c280e97d1c04d05c1d8a9d533fefc39b9b51286b3f913de73a545ec6f6b27cc
|
