Python

Authenticate requests and manage Passage users with Python.

PyPI version

Prerequisites

Passage App ID and API Key from Passage Console

Install

Install the passage-identity package.

pip install passage-identity

Initialize

import os
from passageidentity import Passage
 
passage = Passage(
    app_id=os.environ["PASSAGE_APP_ID"],
    api_key=os.environ["PASSAGE_API_KEY"],
)

Authenticating requests

The Passkey Complete Python SDK provides a way to validate JWT-authenticated requests. To learn more, see our full guide on JWTs.

@app.route("/protected-route", methods=["GET"])
def auth_validate_jwt():
    # Get Passage JWT from the request's Authorization header
    auth_header = req.headers["Authorization"]
    token = auth_header.removeprefix("Bearer").strip()
 
    # Validate jwt using Passage
    try:
        user_id: str = passage.auth.validate_jwt(token)
 
        # Token is valid
        user: PassageUser = passage.user.get(user_id)
 
        print(user)
    except Exception:
        # Token is invalid

User management

In addition to authenticating requests, the Passkey Complete Python SDK also provides a way to securely manage users. These functions require authentication using a Passage API key. API keys can be managed in the Passage Console.

The functionality currently available on a user is:

  • Get a user’s information (including any defined user metadata fields)
  • Activate or deactivate a user (a deactivated user will not be able to log in)
  • Update a user’s information (email address or phone number)
  • Revoke a user’s refresh tokens
  • Delete a user
  • Create a user

User device management

The functionality currently available is:

  • List all devices for a user
  • Revoke a particular device from a user

Creating Magic Links

The Passkey Complete Python SDK can be used to generate custom Magic Links for users, that can be embedded into any content medium. To learn more, see our full guide on Embedded Magic Links.

# With an email
args = MagicLinkWithEmailArgs(
    email="test.email@mail.com",
    link_type=MagicLinkType.LOGIN,
    send=True,
)
magic_link: MagicLink = passage.auth.create_magic_link(args)
 
# With a phone number
args = MagicLinkWithPhoneArgs(
    phone="+15125550000",
    link_type=MagicLinkType.LOGIN,
    send=True,
)
magic_link: MagicLink = passage.auth.create_magic_link(args)
 
# With a passage user id
args = MagicLinkWithUserArgs(
    user_id=passage_user_id,
    channel=MagicLinkChannel.EMAIL,
    link_type=MagicLinkType.LOGIN,
    send=True,
)
magic_link: MagicLink = passage.auth.create_magic_link(args)
 
# Any of the above with options
options = MagicLinkOptions(
    language=MagicLinkLanguage.ES,
    magic_link_path="/some/path",
    redirect_url="/redirect/to/dashboard/path",
    ttl: 20, # minutes
)
magic_link: MagicLink = passage.auth.create_magic_link(args, options)