API Authentication in Python

What is Authentication?

Authentication is the process of verifying a user's identity. A common approach is a unique username and password, so that only the authorized person can access the data. The credentials are usually sent in the Authorization header or in a custom header defined by the server.

Several Python libraries can handle authentication. This page uses Requests, a third-party library, to authenticate against an API.

About Requests Library

The Requests library in Python is used for sending HTTP requests to a URL. It returns a response object, which gives the details and data from the webpage. This library has various functions used for the authentication of APIs. These are some of the methods used for the authentication of API:

  1. Using the HTTPBasicAuth class of the Requests library for basic authentication.
  2. Using the HTTPDigestAuth class of the Requests library.
  3. Using Authorization tokens as credentials.
  4. Using the OAuth1 method for authentication.
  5. Using the OAuth2 and OpenID methods.
  6. Custom Authentication using AuthBase class.

Before implementing, we need to download the requests library in Python using the pip command:

After installing, we will import the requests library:

Now, we will see the different methods of authenticating APIs using the requests library in Python:

1. Using the HTTPBasicAuth method for Basic Authentication

Basic authentication can be described as providing a unique username and password for authenticating a request. This can be done with the help of the HTTPBasicAuth class provided by the requests library.

Let's use the HTTPBasicAuth class to authenticate the API:

Output:

<Response [200]>

We imported the HTTPBasicAuth class from the requests.auth module. Then, using the requests.get() function, we called a URL and passed an HTTPBasicAuth object as the auth parameter, with user and pass as the username and password. Replace these with your own username and password. The call returns a response object. A status code of 200 means the request was authenticated; 401 means it was denied.
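What HTTPBasicAuth actually puts on the wire, as an added example (not the original page's code): the request is prepared but never sent, so it runs offline. The host api.example.com and the user/pass credentials are placeholders.

```python
# pip install requests
import base64

import requests
from requests.auth import HTTPBasicAuth


def basic_auth_header(url, username, password):
    """Prepare (but do not send) a GET and return its Authorization header."""
    if not url.lower().startswith("https://"):
        # Basic credentials are only encoded, so keep them off cleartext HTTP.
        raise ValueError("refusing to attach Basic credentials to a non-HTTPS URL")
    request = requests.Request("GET", url, auth=HTTPBasicAuth(username, password))
    return request.prepare().headers["Authorization"]


def decode_basic_header(header_value):
    """Recover (username, password) from a captured header: no key is needed."""
    scheme, _, encoded = header_value.partition(" ")
    if scheme != "Basic":
        raise ValueError("not a Basic Authorization header")
    decoded = base64.b64decode(encoded).decode("utf-8")
    username, _, password = decoded.partition(":")
    return username, password


if __name__ == "__main__":
    # Placeholder endpoint and credentials, constructed for this example.
    header = basic_auth_header("https://api.example.com/user", "user", "pass")
    print(header)
    print(decode_basic_header(header))
    # To send for real: requests.get(url, auth=HTTPBasicAuth(...), timeout=10)
```

Because the header is reversible Base64 rather than encryption, Basic authentication is only as confidential as the TLS connection that carries it.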

2. Using Digest Authentication with the HTTPDigestAuth method

Digest Authentication is a type of authentication in which the password itself is not sent with the request; a hash computed from it is sent instead. The Requests library also supports Digest Authentication through the HTTPDigestAuth class.

Here we use the HTTPDigestAuth class from the requests.auth module and pass the username and password to it to build the Digest authorization.

Output:

<Response [401]>

We requested authorization from an API and supplied a username and password. The output is a 401 response, which means the request was denied because the username and password were wrong.
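The calculation that HTTPDigestAuth performs after the server's 401 challenge, written out with the standard library as an added example (not the original page's code). It covers only the MD5, qop=auth case, and the sample values are the worked example published in RFC 2617, not values from this page.

```python
import hashlib
import hmac


def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def digest_response(username, password, realm, nonce, method, uri, nc, cnonce):
    """Client side: the 'response' value for algorithm=MD5, qop=auth."""
    ha1 = md5_hex(f"{username}:{realm}:{password}")  # depends on the password
    ha2 = md5_hex(f"{method}:{uri}")                 # binds method and path
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}")


def server_verifies(stored_ha1, nonce, method, uri, nc, cnonce, response):
    """Server side: recompute from the stored HA1 and compare in constant time."""
    ha2 = md5_hex(f"{method}:{uri}")
    expected = md5_hex(f"{stored_ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}")
    return hmac.compare_digest(expected, response)


# Worked-example values published in RFC 2617 (not from this page).
RFC_SAMPLE = dict(
    username="Mufasa", password="Circle Of Life", realm="testrealm@host.com",
    nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", method="GET",
    uri="/dir/index.html", nc="00000001", cnonce="0a4f113b",
)

if __name__ == "__main__":
    print("response sent by the client:", digest_response(**RFC_SAMPLE))
    # A fresh server nonce yields a different response, so a captured value
    # does not answer a new challenge.
    fresh = {**RFC_SAMPLE, "nonce": "constructed-new-nonce"}
    print("response for a new nonce:   ", digest_response(**fresh))
```

The stored HA1 is password-equivalent for its realm and MD5 is a weak hash, so Digest still belongs behind HTTPS.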

3. Using Authorization tokens as credentials

This method provides tokens instead of credentials for the authorization of the API. The requests library in Python can help in working with these kinds of APIs. The token provided can be embedded in the headers of the request.

It can be implemented as:

Output:

<Response [200]>

We used the requests library to authenticate the API. We have declared the tokens as having usernames and passwords, which are passed in the headers parameter. It returns a 200 response because the API accepted the token and gave the user access.

4. Using the OAuth1 method for authentication

OAuth1 is a very common type of authentication for web APIs. It uses a client key, client secret, resource key, and resource secret. The OAuth1 class is provided by the requests-oauthlib library, so to use this type of authentication we need to install the requests-oauthlib module.

The requests-oauthlib module can be installed using the pip command:

Syntax of OAuth1

Now, we will try this method on an API to get the authentication:

Output:

<Response [401]>

We imported the OAuth1 class from the requests_oauthlib module. Then we created an OAuth1 object with the required parameters and, using the requests.get() function, tried to authenticate against the URL. The output is a 401 response, as access was denied.
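How the four OAuth1 credentials are used, as an added example written with the standard library (not the original page's code and not requests-oauthlib's implementation): the two keys travel as parameters, while the two secrets only key an HMAC-SHA1 signature. It covers one case, HMAC-SHA1 with parameters that are not repeated, and the sample values are the test vector from the OAuth Core 1.0 specification, Appendix A.

```python
import base64
import hashlib
import hmac
from urllib.parse import quote


def pct(value):
    """Percent-encode as OAuth 1.0 requires: only unreserved characters stay."""
    return quote(str(value), safe="-._~")


def signature_base_string(method, base_url, params):
    """METHOD & encoded URL & encoded, sorted 'name=value' parameter string."""
    pairs = sorted((pct(k), pct(v)) for k, v in params.items())
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    return "&".join([method.upper(), pct(base_url), pct(normalized)])


def sign_hmac_sha1(base_string, client_secret, resource_owner_secret):
    """The two secrets only key the HMAC; they are never sent in the request."""
    key = f"{pct(client_secret)}&{pct(resource_owner_secret)}".encode("ascii")
    mac = hmac.new(key, base_string.encode("ascii"), hashlib.sha1).digest()
    return base64.b64encode(mac).decode("ascii")


# Test vector from the OAuth Core 1.0 specification, Appendix A (not this page).
SPEC_PARAMS = {
    "file": "vacation.jpg", "size": "original",   # query parameters
    "oauth_consumer_key": "dpf43f3p2l4k3l03",      # client key
    "oauth_token": "nnch734d00sl2jdk",             # resource owner key
    "oauth_signature_method": "HMAC-SHA1",
    "oauth_timestamp": "1191242096",
    "oauth_nonce": "kllo9940pd9333jh",
    "oauth_version": "1.0",
}
SPEC_URL = "http://photos.example.net/photos"


def spec_signature(client_secret="kd94hf93k423kf44",
                   resource_owner_secret="pfkkdhi9sl3r4s00"):
    base = signature_base_string("GET", SPEC_URL, SPEC_PARAMS)
    return sign_hmac_sha1(base, client_secret, resource_owner_secret)


if __name__ == "__main__":
    print(signature_base_string("GET", SPEC_URL, SPEC_PARAMS))
    print("oauth_signature =", spec_signature())
```

A wrong secret, a reused nonce, or a stale timestamp all make the server's recomputed signature check fail, which is one common cause of the 401 shown above.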

As OAuth1 is not very efficient and dependable, another protocol named OAuth2 was introduced in 2012, which is more reliable and robust.

5. Using the OAuth2 and OpenID methods

The OAuth2 method also uses access tokens. The tokens are data in the form of JSON that let users authenticate to a site or API. They have an expiry date and time, which makes the method more secure and helps prevent interference by an intermediary.

The OAuth2 method can be implemented with the requests library through the separate requests-oauthlib module. Before implementing, we need to import the OAuth2 library.

6. Custom Authentication in Requests Library

We can create our own authentication scheme for any API by defining it in a subclass. The requests library provides an AuthBase class in the requests.auth module for this purpose, and our authentication class inherits from AuthBase.

Before implementing the custom authentication, we need to import the AuthBase class:

Implementing a custom authentication in Python:

Output:

<Response [401]>

We imported the required libraries, then defined a class that inherits from AuthBase. In this custom class, we defined the special method __call__, which returns the request object. Then we defined a URL and passed it to requests.get() with an instance of the custom() class as the auth parameter.
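A custom AuthBase subclass that also serves the token method from section 3, as an added example (not the original page's code): it attaches a token only to HTTPS requests for one allowed host and keeps the token out of its repr. The class name ScopedTokenAuth, the API_TOKEN environment variable, the example hosts and the use of the Bearer scheme are assumptions; requests are prepared but not sent.

```python
import os
from urllib.parse import urlsplit

import requests
from requests.auth import AuthBase


class ScopedTokenAuth(AuthBase):
    """Attach a bearer token only to HTTPS requests for one allowed host."""

    def __init__(self, token, allowed_host):
        self._token = token
        self._allowed_host = allowed_host.lower()

    def __call__(self, request):
        parts = urlsplit(request.url)
        host = (parts.hostname or "").lower()
        if parts.scheme == "https" and host == self._allowed_host:
            request.headers["Authorization"] = f"Bearer {self._token}"
        return request  # requests expects the (possibly modified) request back

    def __repr__(self):
        # Keeps the secret out of logs and tracebacks that print the object.
        return f"ScopedTokenAuth(host={self._allowed_host!r}, token=<redacted>)"


def prepared_headers(url, auth):
    """Prepare (but do not send) a GET and return the headers it would carry."""
    return dict(requests.Request("GET", url, auth=auth).prepare().headers)


if __name__ == "__main__":
    # API_TOKEN and the hosts below are hypothetical names for this example.
    token = os.environ.get("API_TOKEN", "constructed-token")
    auth = ScopedTokenAuth(token, "api.example.com")
    for url in ("https://api.example.com/v1/me",
                "http://api.example.com/v1/me",
                "https://other.example.net/v1/me"):
        print(url, "->", "Authorization" in prepared_headers(url, auth))
    print(auth)
```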