Comment on page
Python

Authenticate requests and manage Passage users with Python.
​
To use the Passage Python SDK, you'll need your Passage App ID. You can create a new Passage App in the console. 
The Passage Python SDK is designed for Flask or Django apps and supports Python 3.6 and higher.
It can be installed from the command line: pip install passage-identity
Authenticating a Request
A Flask server can easily authenticate an HTTP request using the passageidentity package, available via pip. The example below shows a Flask middleware that can be used to authenticate users.
from passageidentity import Passage
import os
​
PASSAGE_APP_ID = os.environ.get("PASSAGE_APP_ID")
​
class AuthenticationMiddleware(object):
    def __init__(self, app):
        self.app = app
​
    def __call__(self, environ, start_response):		
        request = Request(environ)
        psg = Passage(PASSAGE_APP_ID)
        try:
            user = psg.authenticateRequest(request)
        except:
            ret = Response(u'Authorization failed', mimetype='text/plain', status=401)
            return ret(environ, start_response)
        environ['user'] = user
        return self.app(environ, start_response)            
By default, Passage looks for the user JWT from a cookie that is set by the Passage Element ( psg_auth_token ). If your application uses Authorization headers instead, you can pass the following option to Passage.
psg = Passage(PASSAGE_APP_ID, auth_strategy=Passage.HEADER_AUTH)
Authorizing a User
It is important to remember that psg.authenticateRequest()  validates that a request is properly authenticated, but an additional authorization check is often required.
app = Flask(__name__)
app.wsgi_app = AuthenticationMiddleware(app.wsgi_app)
​
@app.route('/', methods=['GET', 'POST'])
def authenticatedRoute():
    passageID = environ['user']
    authorized = authorizationCheck(passageID)
    if authorized:
    # Successful authentication and authorization. Proceed ...
App Information
The Passage SDK provides a way to retrieve information about an app.
from passageidentity import Passage
​
psg = Passage(PASSAGE_APP_ID)
​
passageAppInfo = psg.getApp()
​
print(passageAppInfo)
User Management
In addition to authenticating requests, the Passage SDK also provides a way to securely manage your users. These functions require authentication using a Passage API key. API keys can be managed in the Passage Console. 
Passage API Keys are sensitive! You should store them securely along with your other application secrets.
The functionality currently available on a user is:
Get a user's information (including any defined user metadata)
Activate or deactivate a user (a deactivated user will not be able to log in)
Update a user's information (email address or phone number)
Delete a user
Create a user
Get
Activate/Deactivate
Update
Delete
Create
from passageidentity import Passage
import os
​
PASSAGE_APPID = os.environ.get("PASSAGE_APPID")
PASSAGE_API_KEY = os.environ.get("PASSAGE_API_KEY")
psg = Passage(PASSAGE_APPID, PASSAGE_API_KEY)
​
def exampleFlaskMiddleware(request):
    # set the user_id response to flask middleware
    g.user = psg.authenticateRequest(request)
​
@app.route('/home')
def authenticatedEndpoint():
    user_id = g.user
    user = psg.getUser(user_id)
    print(user.email)
from passageidentity import Passage
import os
​
PASSAGE_APP_ID = os.environ.get("PASSAGE_APP_ID")
PASSAGE_API_KEY = os.environ.get("PASSAGE_API_KEY")
psg = Passage(PASSAGE_APP_ID, PASSAGE_API_KEY)
​
# get Passage UserID from database
# ...
​
# deactivate this user
psg.deactivateUser(user_id)
​
# activate this user
psg.activateUser(user_id)
from passageidentity import Passage
import os
​
PASSAGE_APP_ID = os.environ.get("PASSAGE_APP_ID")
PASSAGE_API_KEY = os.environ.get("PASSAGE_API_KEY")
psg = Passage(PASSAGE_APP_ID, PASSAGE_API_KEY)
​
# get Passage UserID from database
# ...
​
#activate or deactivate this user
user = psg.updateUser(user_id, {
    "email": "[email protected]",
    "phone": "+15005550006"
})
from passageidentity import Passage
import os
​
PASSAGE_APP_ID = os.environ.get("PASSAGE_APP_ID")
PASSAGE_API_KEY = os.environ.get("PASSAGE_API_KEY")
psg = Passage(PASSAGE_APP_ID, PASSAGE_API_KEY)
​
# get Passage UserID from database
# ...
​
# delete user
deleted_user = psg.deleteUser(user_id)
print(deleted_user) # true
from passageidentity import Passage
import os
​
PASSAGE_APP_ID = os.environ.get("PASSAGE_APP_ID")
PASSAGE_API_KEY = os.environ.get("PASSAGE_API_KEY")
psg = Passage(PASSAGE_APP_ID, PASSAGE_API_KEY)
​
# get Passage UserID from database
# ...
​
# create user via email
created_user1 = psg.createUser({"email": "[email protected]"})
print(created_user1) # Passage UserObject
​
# create user via phone
created_user2 = psg.createUser({"phone": "+15005550007"})
print(created_user2) # Passage UserObject
All fields available in a Passage User object are listed below:
Field
Type
id
string
email
string
phone
string
active
boolean
email_verified
boolean
created_at
datetime
last_login_at
datetime
webauthn
boolean
user_metadata
dictionary
webauthn_devices
array of strings (e.g. "Mac OS X")
recent_events
array of PassageEvents
User Device Management
The functionality currently available is:
List all devices for a user
Revoke a particular device from a user
List Devices
Revoke Device
from passageidentity import Passage
import os
​
PASSAGE_APPID = os.environ.get("PASSAGE_APPID")
PASSAGE_API_KEY = os.environ.get("PASSAGE_API_KEY")
psg = Passage(PASSAGE_APPID, PASSAGE_API_KEY)
​
def exampleFlaskMiddleware(request):
    # set the user_id response to flask middleware
    g.user = psg.authenticateRequest(request)
​
@app.route('/home')
def authenticatedEndpoint():
    user_id = g.user
    devices = psg.listUserDevices(user_id)
    print(devices)
from passageidentity import Passage
import os
​
PASSAGE_APPID = os.environ.get("PASSAGE_APPID")
PASSAGE_API_KEY = os.environ.get("PASSAGE_API_KEY")
psg = Passage(PASSAGE_APPID, PASSAGE_API_KEY)
​
def exampleFlaskMiddleware(request):
    g.user = psg.authenticateRequest(request)
​
@app.route('/home')
def authenticatedEndpoint():
    user_id = g.user
    success = psg.revokeUserDevices(user_id, passageDeviceID)
    print(succes) #true
Creating Magic Links
The Python SDK can be used to generate custom magic links for users, that can be embedded into any content medium. To learn more, see our full guide on Embedded Magic Links. 
from passageidentity import Passage
​
psg = Passage(PASSAGE_APP_ID, PASSAGE_API_KEY)
​
# create a magic link
magicLinkAttributes={
    "email": "<[email protected]>", 
    "redirect_url": "/custom-path/1234"}
magicLink = psg.createMagicLink(magicLinkAttributes)
# use the 'url' parameter
print(magicLink.url)
PHP
Ruby
Last modified 1mo ago
Field	Type
id	string
email	string
phone	string
active	boolean
email_verified	boolean
created_at	datetime
last_login_at	datetime
webauthn	boolean
user_metadata	dictionary
webauthn_devices	array of strings (e.g. "Mac OS X")
recent_events	array of PassageEvents