Secrets Manager Python SDK
The Python language wrapper for interacting with the Bitwarden Secrets Manager. The SDK, like the Secrets Manager CLI built on-top of it, can be used to execute the following operations:
Authenticate using an access token.
Perform commands for secret and project including:
list,create,updateanddelete.
note
This SDK is a beta release. Therefore, some functionality may be missing.
Setting up a Secrets Manager account prior to using the Python SDK is recommended. This includes:
Enabling the Secrets Manager CLI.
Setting up machine accounts.
Setting up access tokens.
Python 3
maturinBashpip install maturinnpm
Locate the Python GitHub repository here.
Build the script within a virtual environment:
Bashnpm run schemas # generate schemas.py
cd languages/python/
python3 -m venv .venv
maturin developrun:
Bashsource .venv/bin/activate
python3 ./example.py
deactivate # run this to close the virtual sessionThe Python SDK build can be installed with two methods:
Python package manager (pip install)
orLocal build (advanced)
Install using pip:
Bashpip install bitwarden-sdk
From the root of the repository:
Bashnpm run schemas # generate schemas.py
cd languages/python/
maturin developYou can now import BitwardenClient in your Python code with:
Bashfrom bitwarden_sdk import BitwardenClient, DeviceType, client_settings_from_dict
Set the ORGANIZATION_ID and ACCESS_TOKEN environment variables to your organization ID and access token:
Bashexport ORGANIZATION_ID="<org-id>"
export ACCESS_TOKEN="<access-token>"
By default, the SDK uses endpoints for https://bitwarden.com. If you are running on a local dev server, or self-hosted or .eu, set API_URL and IDENTITY_URL:
Bashexport API_URL="<api-url>"
export IDENTITY_URL="<identity-url>"run:
Bashpython3 ./example.py
warning
The example.py script contains example secret and project operations. If you do not wish for the example projects and secrets operations to be created, edit or remove the example operations in ./example.py.
Bashsource .venv/bin/activate
python3 ./example.py
deactivate # run this to close the virtual sessionOnce the Bitwarden client has been created and authorized, Secrets Manager CLI commands can be passed into the client.
The project command is used to access, manipulate, and create projects. The scope of access assigned to your machine account will determine what actions can be completed with the project command.
create project
Bashproject = client.projects().create("ProjectName", organization_id)
project2 = client.projects().create("Project - Don't Delete Me!", organization_id)
updated_project = client.projects().update(
project.data.id, "Cool New Project Name", organization_id
)
get_that_project = client.projects().get(project.data.id)delete project
Bashinput("Press Enter to delete the project...")
client.projects().delete([project.data.id])get projects
Bashprint(client.projects().list(organization_id))
The secret command is used to access, manipulate and create secrets. As with all commands, secrets and projects outside your access token's scope of access cannot be read or written-to.
create secret
Bashsecret = client.secrets().create(
"TEST_SECRET",
"This is a test secret",
organization_id,
"Secret1234!",
[project2.data.id],
)update secret
Bashsecret_updated = client.secrets().update(
secret.data.id,
"TEST_SECRET_UPDATED",
"This as an updated test secret",
organization_id,
"Secret1234!_updated",
[project2.data.id],get secret
Bashsecret_retrieved = client.secrets().get(secret.data.id)
delete secret
Bashinput("Press Enter to delete the secret...")
client.secrets().delete([secret.data.id])print secret
Bashprint(client.secrets().list(organization_id))
Suggest changes to this page
How can we improve this page for you?
For technical, billing, and product questions, please contact support