API Authentication

Introduction to APIs in Python

Chris Ramakers

Engineering Manager

Accessing sensitive data

A user trying to access music albums via a client. The request is sent over the Internet to a server through an API but receives a "401 Unauthorized" response.

Accessing sensitive data

A user accessing music albums via a client, providing a username and password. The request is sent over the Internet to a server through an API and receives a "200 OK" response, indicating successful access.

Authentication methods

Method | Ease of Implementation | Security Rating
Basic Authentication | ⭐⭐⭐⭐⭐ | ⭐☆☆☆☆
API key/token Authentication | ⭐⭐⭐⭐☆ | ⭐⭐☆☆☆
JWT Authentication | ⭐⭐⭐☆☆ | ⭐⭐⭐⭐☆
OAuth 2.0 | ⭐⭐☆☆☆ | ⭐⭐⭐⭐⭐

 

Tip: Check the documentation of the API you are using to learn which method to use for authentication!

Basic authentication

Basic authentication with the requests package

import requests

# This will automatically add a Basic Authentication header before sending the request
requests.get('http://api.music-catalog.com', auth=('username', 'password'))

API key/token authentication

Using a query parameter

http://api.music-catalog.com/albums?access_token=faaa1c97bd3f4bd9b024c708c979feca

import requests

# The token is appended to the URL as the access_token query parameter
params = {'access_token': 'faaa1c97bd3f4bd9b024c708c979feca'}
requests.get('http://api.music-catalog.com/albums', params=params)

Using the "Bearer" authorization header

import requests

# The token travels in the Authorization header instead of the URL
headers = {'Authorization': 'Bearer faaa1c97bd3f4bd9b024c708c979feca'}
requests.get('http://api.music-catalog.com/albums', headers=headers)
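
Added example (not part of the original slides): it prepares the three requests shown above without sending them and inspects where each credential ends up, which is what the security ratings come down to. The helper names (prepare, decode_basic, secret_locations, redact_url) are hypothetical; the URL and token are the sample values from the slides.

```python
import base64
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

import requests

URL = 'http://api.music-catalog.com/albums'   # URL from the slides
TOKEN = 'faaa1c97bd3f4bd9b024c708c979feca'     # sample token from the slides


def prepare(**kwargs):
    """Build the request as requests would send it, without any network I/O."""
    return requests.Request('GET', URL, **kwargs).prepare()


def decode_basic(header_value):
    """Recover (username, password) from a Basic Authorization header value."""
    scheme, _, encoded = header_value.partition(' ')
    if scheme.lower() != 'basic':
        raise ValueError('not a Basic Authorization header')
    user, _, password = base64.b64decode(encoded).decode('latin-1').partition(':')
    return user, password


def secret_locations(prepared, secret):
    """Report which parts of the outgoing request carry the secret."""
    found = []
    if secret in prepared.url:
        found.append('url')        # URLs are typically recorded in access and proxy logs
    if secret in prepared.headers.get('Authorization', ''):
        found.append('header')     # headers are not part of the URL
    return found


def redact_url(url, names=('access_token',)):
    """Mask secret query parameters before a URL is written to a log."""
    parts = urlsplit(url)
    pairs = [(k, 'REDACTED' if k in names else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(pairs)))


if __name__ == '__main__':
    basic = prepare(auth=('username', 'password'))
    print(basic.headers['Authorization'], '->', decode_basic(basic.headers['Authorization']))
    by_query = prepare(params={'access_token': TOKEN})
    print(secret_locations(by_query, TOKEN), redact_url(by_query.url))
    by_header = prepare(headers={'Authorization': 'Bearer ' + TOKEN})
    print(secret_locations(by_header, TOKEN), by_header.url)
```

Basic credentials are only base64-encoded, so anyone who can read the request can decode them; all three methods depend on HTTPS to keep the credential confidential in transit.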

Let's practice!
