Installation

Python 3
pip3 install authsignal

Initialization

import authsignal.client

authsignal_client = authsignal.Client(api_key='YOUR_SECRET_KEY')

You can find your client or tenant ID in the Authsignal Portal.

You must specify the correct base URL for your tenant’s region.

RegionBase URL
US (Oregon)https://api.authsignal.com/v1
AU (Sydney)https://au.api.authsignal.com/v1
EU (Dublin)https://eu.api.authsignal.com/v1

For example, to set the base URL to use our AU region:

import authsignal.client

authsignal_client = authsignal.Client(api_key='YOUR_SECRET_KEY', api_url='https://au.api.authsignal.com/v1')

track

track lets you record actions performed by users and initiate challenges.

import authsignal.client

result = authsignal_client.track(
    user_id="1234",
    action="withdrawal",
    payload={
        "redirectUrl": "https://example.com/finalize-withdrawal"
    }
)

match result["state"]
case authsignal.client.ALLOW:
    # Carry on with your operation/business logic
case authsignal.client.BLOCK:
    # Stop your operations
case authsignal.client.CHALLENGE_REQUIRED:
    # Step up authentication required, redirect or pass the url to the front end
    response["url"]

Arguments

Returns

validate_challenge

validate_challenge lets you validate the result of a challenge using the token which is obtained after a redirect (if using the pre-built UI) or returned by a client SDK (if using an embedded flow).

result = authsignal_client.validate_challenge(
    token=token,
)

When performing MFA for a user who has already been authenticated by a primary factor (e.g. username & password), it’s important to check the token belongs to that user. The validateChallenge method will do this check if you pass both the token and the userId.

Arguments

Returns

get_user

get_user retrieves a user and their MFA enrollment status.

result = authsignal_client.get_user(user_id="usr_123")

is_enrolled = result["is_enrolled"]

Arguments

Returns

get_action

get_action lets you determine the result of a challenge after the user has been redirected back from the Authsignal pre-built UI (or after the popup has been closed, if showing the page in a modal).

result = authsignal_client.get_action(
    user_id="1234",
    action="signIn",
    idempotency_key="0ae73782-d8c1-49bc-be75-09612a3b9d1c",
)

if result["state"] == "CHALLENGE_SUCCEEDED":
    print("Proceed with business logic")
    # The user has successfully completed the challenge, and you should proceed with
    # the business logic

Arguments

Returns

enroll_verified_authenticator

enroll_verified_authenticator can be used to enroll an authenticator on behalf of a user if it has already been verified.

authsignal_client.enroll_verified_authenticator(
    user_id="1234",
    authenticator_payload={"oobChannel": "SMS", "phoneNumber": " 64277770770"},
)

Arguments

Returns

authenticator
object
recoveryCodes
string[]

Was this page helpful?