Authlib: Python Authentication¶
Release v0.7.dev. (Installation)
Authlib is an ambitious authentication library for OAuth 1, OAuth 2, OpenID clients and servers. It is designed from low level APIs to high level APIs, to meet the needs of everyone.
Generic specification implementations that Authlib has built-in:
- done RFC5849: The OAuth 1.0 Protocol
- done RFC6749: The OAuth 2.0 Authorization Framework
- done RFC6750: The OAuth 2.0 Authorization Framework: Bearer Token Usage
- done RFC7009: OAuth 2.0 Token Revocation
- done RFC7515: JSON Web Signature
- doing RFC7516: JSON Web Encryption
- done RFC7517: JSON Web Key
- part RFC7518: JSON Web Algorithms
- done RFC7519: JSON Web Token
- done RFC7662: OAuth 2.0 Token Introspection
- done OIDC: OpenID Connect 1.0
Framework integrations with current specification implementations:
- ready Requests OAuth 1 Session
- ready Requests OAuth 2 Session
- ready Flask OAuth 1.0/2.0 Client
- ready Django OAuth 1.0/2.0 Client
- ready Flask OAuth 1.0 Server
- ready Flask OAuth 2.0 Server
- beta Flask OpenID Connect 1.0
- todo Django OAuth 1 Server
- todo Django OAuth 2 Server
- todo Django OpenID Connect Server
Authlib is compatible with Python2.7+ and Python3.5+.
This part of the documentation begins with some background information about Authlib, and installation of Authlib.
This part of the documentation contains information on the client parts, for Requests, Flask and Django.
- OAuth 1 Session
- OAuth 2 Session
- Integrated Frameworks
This part of the documentation contains information on the server parts for frameworks.
- Flask OAuth 1.0 Server
- Flask OAuth 2.0 Server
- Flask OpenID Connect 1.0
Django support will be added in Version 0.8.
Guide on specifications. You don’t have to read this section if you are just using Authlib. But it would be good for you to understand how Authlib works.
- The OAuth 1.0 Protocol
- The OAuth 2.0 Authorization Framework
- The OAuth 2.0 Authorization Framework: Bearer Token Usage
- OAuth 2.0 Token Revocation
- JSON Web Signature
- JSON Web Key
- JSON Web Algorithms
- JSON Web Token
- OAuth 2.0 Token Introspection
- OpenID Connect 1.0
Community & Contribution¶
This section aims to make Authlib sustainable, on governance, code commits, issues and finance.
- Security Vulnerability
- Awesome Articles and Talks
If you are looking for information on a specific function, class or method for non specifications, this part of the documentation is for you.