A Python toolset for the RSA ID Plus cloud authentication platform.
| Latest Stable Release |
|
| Latest Beta/RC Release |
|
| Build Status |
|
| Supported Versions |
|
| Code Coverage |
|
| Documentation |
|
| Security Audits |
|
| License |
|
| Issues |
 
|
| Pull Requests |
 
|
Install from PyPI:
python -m pip install --upgrade pydplusInstall from source:
git clone https://github.com/jeffshurtliff/pydplus.git
cd pydplus
poetry installThe change log can be found in the documentation.
PyDPlus is designed for Python-based administration workflows in RSA ID Plus tenants, including:
- user lifecycle automation (lookup, disable, mark for deletion)
- admin reporting and audit integrations
- helpdesk and identity-operations scripting
from pydplus import PyDPlus, constants as constpydplus.PyDPlus supports both OAuth and Legacy credentials. OAuth (Private Key JWT) is recommended for new usage.
from pydplus import PyDPlus, constants as const
OAUTH_SCOPE = [
const.OAUTH_SCOPES.USER_READ,
const.OAUTH_SCOPES.USER_MANAGE,
]
pydp = PyDPlus(
connection_type="oauth",
base_admin_url="https://example-company.access.securid.com",
oauth_client_id="XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
oauth_private_key="/path/to/oauth-private-key.jwk",
oauth_scope=OAUTH_SCOPE,
)Legacy API authentication is also supported. See the Authentication guide for both patterns.
- Configure default scope permissions in the OAuth client settings in the RSA Cloud Administration Console.
- Define scopes explicitly in your code/helper/env configuration (manual string values or constants like
const.OAUTH_SCOPES.USER_READgrouped in anOAUTH_SCOPEvariable). - Use scope presets to apply scope bundles (for example
user_read_onlyorgroup_read_only) viaoauth_scope_preset(argument),connection.oauth.scope_preset(helper setting), orPYDPLUS_OAUTH_SCOPE_PRESET(environment variable).
In PyDPlus, keep oauth_scope explicitly defined (directly, helper file, or environment variable) so token requests
remain deterministic and validated.
Presets are additive and merged with explicit scopes:
pydp = PyDPlus(
connection_type="oauth",
base_admin_url="https://example-company.access.securid.com",
oauth_client_id="XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
oauth_private_key="/path/to/oauth-private-key.jwk",
oauth_scope=const.OAUTH_SCOPES.USER_MANAGE,
oauth_scope_preset=("user_read_only", "group_read_only"),
)user_id = pydp.users.get_user_id(email="john.doe@example.com")
response = pydp.users.disable_user(user_id=user_id)For deeper coverage, see:
- Quickstart: https://pydplus.readthedocs.io/en/stable/getting-started/quickstart.html
- Authentication guide: https://pydplus.readthedocs.io/en/stable/guides/authentication.html
- Client reference: https://pydplus.readthedocs.io/en/stable/reference/client.html
The documentation is located here: https://pydplus.readthedocs.io/en/stable/
Issues can be reported within the GitHub repository.
Contributions are welcome and appreciated, including bug fixes, documentation improvements, tests, and feature work. For full contribution requirements and workflows, please see CONTRIBUTING.md.
This repository uses Ruff for linting, import sorting, and formatting.
The standard maximum line length for this package is 130 characters.
Line-length exceptions should be rare and limited to comments or special cases where wrapping harms readability.
When an exception is required, use a targeted per-line # noqa: E501 comment.
poetry run ruff check .
poetry run ruff check . --fix
poetry run ruff format .
poetry run ruff format . --checkThese checks are enforced in CI via .github/workflows/ci.yml.
If you would like to donate to this project then you can do so using this PayPal link.
This package is considered unofficial and is in no way endorsed or supported by RSA Security LLC.