Help Center

Secrets Manager Python SDK

The Python language wrapper for interacting with the Bitwarden Secrets Manager. The SDK, like the Secrets Manager CLI built on-top of it, can be used to execute the following operations:

note

This SDK is a beta release. Therefore, some functionality may be missing.

Requirements

Setting up a Secrets Manager account prior to using the Python SDK is recommended. This includes:

Dependencies

  • Python 3

  • maturin

  • npm

GitHub Repository

Locate the Python GitHub repository here.

Using a virtual environment

Build the script within a virtual environment:

Plain Text
npm run schemas # generate schemas.py

cd languages/python/
python3 -m venv .venv
maturin develop

run:

Plain Text
source .venv/bin/activate
python3 ./example.py

deactivate # run this to close the virtual session

Build Python SDK

The Python SDK build can be installed with two methods:

  • Python package manager (pip install)

  • Local build (advanced)

Python package manager

Install using pip:

Plain Text
pip install bitwarden-sdk

Local build

From the root of the repository:

Plain Text
npm run schemas # generate schemas.py

cd languages/python/
maturin develop

You can now import BitwardenClient in your Python code with:

Plain Text
from bitwarden_sdk import BitwardenClient, DeviceType, client_settings_from_dict

Run

Set the ORGANIZATION_ID and ACCESS_TOKEN environment variables to your organization ID and access token:

Plain Text
export ORGANIZATION_ID="<org-id>"
export ACCESS_TOKEN="<access-token>"

By default, the SDK uses endpoints for https://bitwarden.com. If you are running on a local dev server, or self-hosted or .eu, set API_URL and IDENTITY_URL:

Plain Text
export API_URL="<api-url>"
export IDENTITY_URL="<identity-url>"

run:

Plain Text
python3 ./example.py
warning

The example.py script contains example secret and project operations. If you do not wish for the example projects and secrets operations to be created, edit or remove the example operations in ./example.py. 

Plain Text
source .venv/bin/activate
python3 ./example.py

deactivate # run this to close the virtual session

Secrets Manager operations

Once the Bitwarden client has been created and authorized, Secrets Manager CLI commands can be passed into the client.

Projects

The project command is used to access, manipulate, and create projects. The scope of access assigned to your machine account will determine what actions can be completed with the project command.

create project

Plain Text
project = client.projects().create("ProjectName", organization_id)
project2 = client.projects().create("Project - Don't Delete Me!", organization_id)
updated_project = client.projects().update(
    project.data.id, "Cool New Project Name", organization_id
)
get_that_project = client.projects().get(project.data.id)

delete project

Plain Text
input("Press Enter to delete the project...")
client.projects().delete([project.data.id])

get projects

Plain Text
print(client.projects().list(organization_id))

Secrets

The secret command is used to access, manipulate and create secrets. As with all commands, secrets and projects outside your access token's scope of access cannot be read or written-to.

create secret

Plain Text
secret = client.secrets().create(
    "TEST_SECRET",
    "This is a test secret",
    organization_id,
    "Secret1234!",
    [project2.data.id],
)

update secret 

Plain Text
secret_updated = client.secrets().update(
    secret.data.id,
    "TEST_SECRET_UPDATED",
    "This as an updated test secret",
    organization_id,
    "Secret1234!_updated",
    [project2.data.id],

get secret

Plain Text
secret_retrieved = client.secrets().get(secret.data.id)

delete secret

Plain Text
input("Press Enter to delete the secret...")
client.secrets().delete([secret.data.id])

print secret

Plain Text
print(client.secrets().list(organization_id))