{"id":27597,"library":"auth0-api-python","title":"Auth0 API Python SDK","description":"Auth0's official SDK for verifying access tokens and securing Python APIs using Authlib. Current version: 1.0.0b9 (beta). Release cadence: periodic, pre-release stage.","status":"active","version":"1.0.0b9","language":"python","source_language":"en","source_url":"https://github.com/auth0/auth0-api-python","tags":["auth0","api","sdk","jwt","oauth","authentication","security"],"install":[{"cmd":"pip install auth0-api-python","lang":"bash","label":"Default install"},{"cmd":"pip install auth0-api-python==1.0.0b9","lang":"bash","label":"Exact version"}],"dependencies":[{"reason":"JWT verification and OAuth 2.0 primitives","package":"authlib","optional":false},{"reason":"Fetching JWKS keys from Auth0","package":"requests","optional":false},{"reason":"Optional Flask integration (example only, not required)","package":"flask","optional":true}],"imports":[{"note":"JwksFetcher is in the jwks_fetcher submodule, not top-level","wrong":"from auth0_api_python import JwksFetcher","symbol":"JwksFetcher","correct":"from auth0_api_python.jwks_fetcher import JwksFetcher"},{"note":"Exception classes are in the exceptions submodule","wrong":"from auth0_api_python import Auth0APIError","symbol":"Auth0APIError","correct":"from auth0_api_python.exceptions import Auth0APIError"},{"note":"TokenVerifier is in the token_verifier submodule","wrong":"from auth0_api_python import TokenVerifier","symbol":"TokenVerifier","correct":"from auth0_api_python.token_verifier import TokenVerifier"}],"quickstart":{"code":"import os\nfrom auth0_api_python.token_verifier import TokenVerifier\n\ndomain = os.environ.get('AUTH0_DOMAIN', 'your-tenant.auth0.com')\naudience = os.environ.get('AUTH0_AUDIENCE', 'https://your-api')\n\nverifier = TokenVerifier(\n    domain=domain,\n    audience=audience,\n    algorithms=['RS256']\n)\n\ntoken = \"your_access_token\"  # from Authorization header\npayload = verifier.verify(token)\nprint(payload)\n","lang":"python","description":"Initialize a TokenVerifier with your Auth0 domain and audience, then call verify() on a token."},"warnings":[{"fix":"Pin to exact version: auth0-api-python==1.0.0b9","message":"The SDK is in beta (1.0.0b9). APIs may change without warning. Pin to exact version in production.","severity":"gotcha","affected_versions":">=1.0.0b1, <1.0.0"},{"fix":"Use: from auth0_api_python.token_verifier import TokenVerifier","message":"The import path for TokenVerifier changed from auth0_api_python to auth0_api_python.token_verifier in the beta releases. Using the old path will raise ImportError.","severity":"breaking","affected_versions":">=1.0.0b5"},{"fix":"Check Authlib version: pip show authlib. If incompatible, upgrade: pip install 'authlib>=0.15,<1.0'","message":"The SDK requires Authlib which has its own version constraints. Ensure your environment has compatible Authlib version (>=0.15, <1.0).","severity":"gotcha","affected_versions":"all"},{"fix":"After verify(), check payload['exp'] against current time: if payload['exp'] < time.time(): raise ...","message":"TokenVerifier.verify() does NOT validate the token's expiration (exp claim) automatically. You must check it yourself.","severity":"gotcha","affected_versions":"all"}],"env_vars":null,"last_verified":"2026-05-09T00:00:00.000Z","next_check":"2026-08-07T00:00:00.000Z","problems":[{"fix":"Run: pip install auth0-api-python","cause":"SDK not installed or installed under a different name.","error":"ModuleNotFoundError: No module named 'auth0_api_python'"},{"fix":"Use: from auth0_api_python.token_verifier import TokenVerifier","cause":"Wrong import path; TokenVerifier is in token_verifier submodule.","error":"AttributeError: module 'auth0_api_python' has no attribute 'TokenVerifier'"},{"fix":"Verify AUTH0_DOMAIN is correct and your environment can reach https://{domain}/.well-known/openid-configuration","cause":"Network issue or invalid domain; domain not reachable.","error":"auth0_api_python.exceptions.Auth0APIError: Failed to fetch JWKS: HTTPSConnectionPool..."},{"fix":"Ensure token was issued by your Auth0 tenant and the algorithms parameter matches (e.g., algorithms=['RS256']). Check token's header for algorithm.","cause":"Token is not signed with the expected algorithm or key.","error":"auth0_api_python.exceptions.Auth0APIError: Token verification failed: Signature verification failed"}],"ecosystem":"pypi","meta_description":null,"install_score":null,"install_tag":null,"quickstart_score":null,"quickstart_tag":null}