Authlib: Python Authentication¶
Release v0.10.dev. (Installation)
The ultimate Python library in building OAuth and OpenID Connect servers. It is designed from low level specifications implementations to high level frameworks integrations, to meet the needs of everyone.
Generic specification implementations that Authlib has built-in:
- done RFC5849: The OAuth 1.0 Protocol
- done RFC6749: The OAuth 2.0 Authorization Framework
- done RFC6750: The OAuth 2.0 Authorization Framework: Bearer Token Usage
- done RFC7009: OAuth 2.0 Token Revocation
- done RFC7515: JSON Web Signature
- beta RFC7516: JSON Web Encryption
- done RFC7517: JSON Web Key
- done RFC7518: JSON Web Algorithms
- done RFC7519: JSON Web Token
- done RFC7523: JWT Profile for OAuth 2.0 Client Authentication and Authorization Grants
- beta RFC7636: Proof Key for Code Exchange by OAuth Public Clients
- done RFC7662: OAuth 2.0 Token Introspection
- done OIDC: OpenID Connect 1.0
Framework integrations with current specification implementations:
- ready Requests OAuth 1 Session
- ready Requests OAuth 2 Session
- ready Flask OAuth Client
- ready Django OAuth Client
- ready Flask OAuth 1.0 Server
- ready Flask OAuth 2.0 Server
- beta Flask OpenID Connect 1.0
- alpha Django OAuth 1.0 Server
- todo Django OAuth 2 Server
- todo Django OpenID Connect Server
Authlib is compatible with Python2.7+ and Python3.5+.
This part of the documentation begins with some background information about Authlib, and installation of Authlib.
This part of the documentation contains information on the client parts, for Requests, Flask and Django.
- OAuth 1 Session
- OAuth 2 Session
- Flask OAuth Client
- Django OAuth Client
This part of the documentation contains information on the server parts for frameworks.
- Flask OAuth 1.0 Server
- Flask OAuth 2.0 Server
- Flask OpenID Connect 1.0
- Django OAuth 1.0 Server
Guide on specifications. You don’t have to read this section if you are just using Authlib. But it would be good for you to understand how Authlib works.
- The OAuth 1.0 Protocol
- The OAuth 2.0 Authorization Framework
- The OAuth 2.0 Authorization Framework: Bearer Token Usage
- OAuth 2.0 Token Revocation
- JSON Web Signature
- JSON Web Encryption
- JSON Web Key
- JSON Web Algorithms
- JSON Web Token
- JWT Profile for OAuth 2.0 Client Authentication and Authorization Grants
- Proof Key for Code Exchange by OAuth Public Clients
- OAuth 2.0 Token Introspection
- OpenID Connect 1.0
Community & Contribution¶
This section aims to make Authlib sustainable, on governance, code commits, issues and finance.
- Security Vulnerability
- Awesome Articles and Projects
If you are looking for information on a specific function, class or method for non specifications, this part of the documentation is for you.
Stay tuned with Authlib, here is a history of Authlib changes.