Python SDK Authentication — ConformaESG Integration Service

The Python SDK authenticates only with bearer API keys or personal access tokens.

HTTP

Authorization: Bearer <api_key>

It does not perform browser login, manage cookies, handle CSRF tokens or create API keys.

Store tokens safely

Load tokens from environment variables or a secret manager:

Python
1import os
2
3from conformaesg import ConformaClient
4
5client = ConformaClient(
6    base_url=os.environ["CONFORMA_BASE_URL"],
7    api_key=os.environ["CONFORMA_API_KEY"],
8)

Do not hard-code tokens, print them, include them in exception messages or send them to logs. Use the smallest scopes required by the integration. See PAT Integration for token creation and rotation outside the SDK.

Authentication failures

Python
1from conformaesg import ConformaClient
2from conformaesg.errors import ConformaAuthenticationError, ConformaPermissionError
3
4client = ConformaClient.from_env()
5
6try:
7    client.suppliers.list(limit=20)
8except ConformaAuthenticationError as exc:
9    print("Token missing, expired or invalid", exc.request_id)
10except ConformaPermissionError as exc:
11    print("Token is valid but does not have the required scope", exc.request_id)

401 Unauthorized maps to ConformaAuthenticationError.

403 Forbidden maps to ConformaPermissionError.