{"id":1696,"library":"requests-ntlm","title":"requests-ntlm: NTLM Authentication for Requests","description":"This package enables HTTP NTLM authentication for the popular Python requests library. It provides a simple `HttpNtlmAuth` class that integrates seamlessly with `requests.Session` for handling NTLM challenges. The current version is 1.3.0, and it follows an active maintenance cadence with releases addressing compatibility, security, and minor enhancements.","status":"active","version":"1.3.0","language":"en","source_language":"en","source_url":"https://github.com/requests/requests-ntlm","tags":["authentication","ntlm","requests","http","security"],"install":[{"cmd":"pip install requests-ntlm","lang":"bash","label":"Install latest version"}],"dependencies":[{"reason":"Core HTTP library for which NTLM authentication is provided.","package":"requests","optional":false},{"reason":"Underlying library for SPNEGO/NTLM negotiation, introduced as a core dependency in v1.2.0.","package":"pyspnego","optional":false}],"imports":[{"symbol":"HttpNtlmAuth","correct":"from requests_ntlm import HttpNtlmAuth"}],"quickstart":{"code":"import requests\nfrom requests_ntlm import HttpNtlmAuth\nimport os\n\n# Replace with your NTLM-protected URL\nurl = os.environ.get('NTLM_TEST_URL', 'http://ntlm-protected-server.local/api/')\n\n# Replace with your NTLM credentials\nusername = os.environ.get('NTLM_USERNAME', 'DOMAIN\\\\user')\npassword = os.environ.get('NTLM_PASSWORD', 'your_password')\n\ntry:\n    session = requests.Session()\n    session.auth = HttpNtlmAuth(username, password)\n    response = session.get(url)\n    response.raise_for_status() # Raise an exception for bad status codes\n    print(f\"Successfully authenticated to {url}\")\n    print(\"Response content (first 200 chars):\\n\", response.text[:200])\nexcept requests.exceptions.RequestException as e:\n    print(f\"Error connecting or authenticating: {e}\")\nexcept Exception as e:\n    print(f\"An unexpected error occurred: {e}\")","lang":"python","description":"This quickstart demonstrates how to use `HttpNtlmAuth` with a `requests.Session`. It's crucial to correctly format the username (e.g., `DOMAIN\\username` or `user@domain.com`) and provide the corresponding password. The example uses environment variables for sensitive data for security and convenience."},"warnings":[{"fix":"Ensure your code explicitly catches and handles exceptions for HTTP errors or access denied scenarios. Review code that previously might have processed an empty or error response without an explicit exception.","message":"Starting with v1.3.0, `requests-ntlm` will now explicitly throw an exception (`requests.exceptions.HTTPError` or similar, potentially wrapped) in case of access denied, rather than silently returning an unsuccessful response or handling it internally. This changes error handling behavior.","severity":"breaking","affected_versions":">=1.3.0"},{"fix":"Upgrade to `requests-ntlm==1.3.0` or newer to ensure correct type annotation and `pyspnego` compatibility. This version sets the correct minimum `pyspnego` version (>=0.11.1).","message":"Versions prior to `v1.3.0` might suffer from issues related to type annotations or compatibility with certain `pyspnego` versions, potentially leading to runtime errors or incorrect behavior.","severity":"gotcha","affected_versions":"<1.3.0"},{"fix":"Verify that `pyspnego` is correctly installed and meets the minimum version requirements. Test your NTLM integrations thoroughly after upgrading to v1.2.0 or newer.","message":"The library underwent a significant internal migration to use `PySPNEGO` as its underlying NTLM provider in `v1.2.0`. While the public API (`HttpNtlmAuth`) was designed to remain compatible, subtle behavioral changes or new dependency requirements (`pyspnego`) might affect existing integrations, especially in edge cases or complex NTLM environments.","severity":"gotcha","affected_versions":">=1.2.0"},{"fix":"Upgrade to `requests-ntlm==1.1.0` or newer if you are using UPNs for NTLM authentication. Alternatively, ensure your username is in the `DOMAIN\\user` format for older versions.","message":"Versions of `requests-ntlm` prior to `v1.1.0` had issues correctly parsing User Principal Names (UPN) when passed as usernames (e.g., `user@domain.com`). This could lead to authentication failures.","severity":"gotcha","affected_versions":"<1.1.0"},{"fix":"Ensure your project's Python environment is running Python 3.8 or a later version. Use a tool like `pyenv` or virtual environments to manage Python versions.","message":"`requests-ntlm` explicitly requires Python 3.8 or newer. Attempts to install or run it on older Python versions will fail.","severity":"breaking","affected_versions":"<3.8 (Python)"}],"env_vars":null,"last_verified":"2026-04-09T00:00:00.000Z","next_check":"2026-07-08T00:00:00.000Z"}