OKTA Sso python - python

Hi, I want to access an application that is behind Okta SSO. I am using the Python requests module to access the application. Before Okta I was able to access the application with a userid and password from my Python script. But after Okta the script is failing to access the application.
What modification do I need in my Python script using the requests module?

From what I understand, there is a big chance you want to access an application using an Okta-issued token.
You need to reach out to the application developers to identify how to properly retrieve a token. There are lots of ways to authenticate using Okta and without more information it's gonna be hard to help you out.
Once you have all that information you should be able to use any Python module providing requests authentication classes for the authentication flow that you have to use.
Disclaimer: I wrote requests-auth, which provides Okta authentication classes that can be used with requests (nominated in the Okta developer community award).

Related

Firebase authentication process for Python desktop application

I want some help with the database implementation in my project.
The final implementation:
Website:
I want to make a (flask) website where the user can create or delete an account.
Desktop application:
I also want to make a (PyQt) python application that the user can log in to his/her account via a login prompt.
Database:
I want to make a (firebase) database so the users can authenticate. The database will also collect some user information except the authentication credentials.
The implementation until now:
Firebase:
I created a “web app” in firebase so I communicate with firebase via firebaseConfig
Flask website:
I created a flask website that communicates with the firebase via the firebaseConfig. The user fills in a form, and the firebase authentication creates a user via (create_user_with_email_and_password). The database, also, collects some extra user information.
(I think that my code is “safe” as it is server-side)
The problem:
Python application:
I created a python application that the user can log in to the firebase authentication. The problem I faced is that I “have to” include the firebaseConfig in my python code. With the firebaseConfig I can create and delete users, but I don’t want the other users to have the ability to do this.
(so I think my code is unsafe because the communication with the firebase is client-side so someone may decompile the code and get the firebaseConfig).
What is the best way to make my project safer?
It sounds like you're using the Firebase Admin SDK for Python, which (like all Admin SDKs) runs with elevated privileges and should only be used in trusted environments (such as your development machine, a server that you control, or Cloud Functions/Cloud Run).
There is no Firebase-provided SDK for use in Python applications that you ship to regular users of your app. That means that your options are limited to either using the REST API to sign in with Firebase, or to use a 3rd party library, such as Pyrebase (be sure to not use a service account there, as that'd make it run with the same elevated privileges as the Admin SDK).
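The REST sign-in route from the answer above, as an added example that is not part of the original answer or of any Firebase SDK: the desktop client needs only the web API key, and a guard rejects any shipped config that carries service-account material. The config key names (`apiKey`, `serviceAccount`) and the helper names are assumptions for illustration.

```python
import json
import urllib.parse
import urllib.request

# Firebase Auth REST endpoint for email/password sign-in.
SIGN_IN_URL = "https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword"

# Keys found in a service-account JSON file, plus Pyrebase's optional
# "serviceAccount" setting. Any of them gives the client Admin-level access.
PRIVILEGED_KEYS = {"private_key", "private_key_id", "client_email", "serviceAccount"}


def client_api_key(config):
    """Return the web API key, refusing configs that carry privileged credentials."""
    found = PRIVILEGED_KEYS & set(config)
    if found or config.get("type") == "service_account":
        raise ValueError(f"privileged credentials in client config: {sorted(found)}")
    return config["apiKey"]


def build_sign_in_request(api_key, email, password):
    """Build (but do not send) the sign-in POST; only the web API key is needed."""
    query = urllib.parse.urlencode({"key": api_key})
    body = json.dumps({"email": email, "password": password, "returnSecureToken": True})
    return urllib.request.Request(
        f"{SIGN_IN_URL}?{query}",
        data=body.encode("utf-8"),
        headers={"Content-Type": "application/json"},
        method="POST",
    )


def sign_in(config, email, password, opener=urllib.request.urlopen):
    """Sign a user in and return (idToken, refreshToken) from the JSON response."""
    request = build_sign_in_request(client_api_key(config), email, password)
    with opener(request, timeout=10) as response:
        data = json.load(response)
    return data["idToken"], data["refreshToken"]


if __name__ == "__main__":
    # Constructed config: "apiKey" is a placeholder, not a real key.
    demo = build_sign_in_request(client_api_key({"apiKey": "PLACEHOLDER_KEY"}), "user@example.com", "pw")
    print(demo.get_method(), demo.full_url)
```

Account creation and deletion stay on the Flask server, which is the trusted environment the answer describes for the Admin SDK.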

OKTA AWS CLI Using Python to Connect to Athena

My company uses Okta Authentication for all corporate applications. Is there a way or a workaround to circumvent the OKTA Authentication while connecting to AWS Athena? I'm trying to automate a Python script that connects to Athena and it requires me to Okta Verify every time after the short-lived token expires. However, the Google Suite (Docs, Sheets, Drive) APIs don't require this type of AUTH verification method and never request one when I connect Python to Google Suite, although our Google Suite uses Okta Authentication for login.
Any help or references would be much appreciated. Thank you!

Run Kubernetes dynamically using API

I want to create pods, manage replica sets, and deployments using a rest API either built with PHP or Python. This needs to be controlled from a web app where the user clicks on a button and a new pod with a specific volume is created. I'm not sure how to achieve this.
I came across KC8 API and Python KC8 client API but I'm unable to achieve what is required. TIA
Kubernetes is controlled through an HTTP REST API, which is fully specified here. You could write a web app that directly issues the appropriate HTTP requests to the Kubernetes API server.
However, it's much more recommended to use one of the Kubernetes client libraries that exist for different programming languages. These libraries wrap all the HTTP requests in function calls and also take care of things like authentication.
You can find example code using the different client libraries in the GitHub repositories of most libraries (see here).

openid connect provider and client example in django

I need to build a Django web-app. My web-app needs to support authentication and authorization using OpenID Connect. It is my first time doing this. Is there a free Identity Provider to test my application or do I need to write the provider and the client? My task is to write only the client that connects to the provider. An example would be great or some course/tutorial I can use to learn how to do this.
Maybe there are no good examples in Django but I know ASP.NET and Java so those examples could inspire me as well.
There are a bunch of OpenID Connect providers you can use to test your client: you can sign up for a free Auth0 or Okta developer sandbox, download and run IdentityServer locally, or try the OAuth2 Playground.
As for writing the client: please don't write your own. There is a list of libraries from the OpenID Foundation. I've used pyoidc for a non-Django application; you could hook that into your app, or use one of the Django-specific OpenID Connect libraries.
Check out this example using both a provider (a Django app using the django-oidc-provider package) and a client (using JS).
https://django-oidc-provider.readthedocs.io/en/latest/sections/examples.html

Using Windows Credentials to do Basic Auth in Python

I am writing a Python application to download csv files through an API on an internal server, by sending GET requests. When testing the requests through Postman, I was able to use Basic Auth along with my Windows credentials to generate a token and authenticate on the server.
Now when it comes to the Python application, I obviously don't want to hard-code my Windows credentials into the app, nor do I want to use the Basic Auth token that was generated (maybe I'm wrong, but this still seems like it would not be a very secure thing to do as I believe the token is a direct hash of my credentials, not to mention when I change my credentials I would have to go and update the token as well).
What I want to know is if it is possible to automatically use the windows credentials from wherever the program is run, in order to authenticate against the server. I tried using NTLM, but unless I am misunderstanding this would still require my credentials to be coded into the app, and from my testing it looks like the server only supports basic auth and not NTLM directly.
I am very new to authentication in Python (and in general), any help would be appreciated.
