## Protect your backend APIs with Flask (Python) SDK Check out the repo on GitHub br Prerequisites Python ≥ 3.8 ### Install the SDK Before installation make sure that your app using the minimum Python version ``` pip install frontegg ``` ### Initialize Frontegg Regions The SDK defaults to Frontegg's EU region, in case you're running on one of the other regions, make sure to change the `FRONTEGG_API_GATEWAY_URL` to use your region's URL, instead of `api.frontegg.com`. br Import and initialize Frontegg along with your Flask application ```python from frontegg.flask import frontegg from flask import Flask fe_client_id = 'REPLACE_WITH_FRONTEGG_CLIENT_ID' fe_api_key = 'REPLACE_WITH_FRONTEGG_API_KEY' frontegg.init_app(fe_client_id, fe_api_key) app = Flask('my_first_frontegg_app') app.run() ``` ### Protect backend routes When using Frontegg's secure access, you can protect your baceknd routes using the authentication middleware ```python from flask import g from frontegg.flask.secure_access import with_authentication @app.get("/protected") @with_authentication(role_keys=['my-role'], permission_keys=['my-permission']) def protected(request): return g.user ``` br The `with_authentication` decorator gets the optional arguments `role_keys` and `permission_keys` to specify which roles and permissions are required in order to access the route. When using the `with_authentication` decorator, the user data will be set on the request context, as you can see in the example above. ### Use access tokens When using M2M authentication, access tokens will be cached by the SDK. By default access tokens will be cached locally, however you can use one other kind of cache: - redis #### Use Redis as your cache When initializing your context, pass an access tokens options object with your redis parameters ```python access_tokens_options = { cache: { type: 'redis', options: { host: 'localhost', port: 6379, password: '', db: 10, }, }, }; frontegg.init_app(fe_client_id, fe_api_key, options) ``` ### Cross-Origin resource sharing (CORS) In order to use Frontegg, it is required that your app will be able to handle CORS. It's easy to set up: br ```python from flask_cors import CORS CORS(app, supports_credentials=True) ``` ### Working with the REST API Frontegg offers a comprehensive REST API for your application. To use the API from your backend, you'll need to initialize the HTTP client with your credentials. br ```python // define your base url base_url = "https://api.frontegg.com/audits" http_client = HttpClient(client_id=, api_key=, base_url=base_url) ``` br The http client can now be used to make API requests to Frontegg's REST API (base on the provided base url). #### Using the audits client Frontegg’s Managed audit logs feature allows collecting custom audit logs that are specific for your application and displaying these in Frontegg's [self-service component](/ciam/guides/admin-portal/workspace-modules#audit-logs). #### Creating a new client ```python from frontegg.common.clients import AuditsClient, HttpClient, Severity http_client = HttpClient(client_id=, api_key=, base_url=frontegg_urls.audits_service['base_url']) audits_client = AuditsClient(http_client) ``` #### Sending audits using the client ```python audits_client.send_aud ``` ### Debugging Frontegg uses python 3 built-in [logging libary](https://docs.python.org/3/library/logging.html) to log useful debugging information. To utilize this functionality, add the variable `FRONTEGG_DEBUG`: ```python FRONTEGG_DEBUG=True ``` br Or configure it in the application: ```python from frontegg import frontegg_logger import logging frontegg_logger.setLevel(logging.DEBUG) ```