{"id":8591,"library":"requests-ntlm2","title":"requests-ntlm2: NTLM Authentication for Requests","description":"requests-ntlm2 is a Python library that provides HTTP NTLM authentication support for the popular `requests` library. It is a fork of `requests-ntlm`, offering extended functionality, especially for NTLM proxy and server authentication. Currently at version 6.6.0, the library is actively maintained with regular updates to support modern Python environments and security protocols.","status":"active","version":"6.6.0","language":"en","source_language":"en","source_url":"https://github.com/dopstar/requests-ntlm2","tags":["requests","ntlm","authentication","proxy","http","windows","corporate network"],"install":[{"cmd":"pip install requests-ntlm2","lang":"bash","label":"Install latest version"}],"dependencies":[{"reason":"Core HTTP library that requests-ntlm2 extends for NTLM authentication.","package":"requests","optional":false},{"reason":"Provides underlying SPNEGO/NTLM protocol support.","package":"pyspnego","optional":false}],"imports":[{"note":"requests-ntlm2 is a fork of requests-ntlm; ensure you import from the correct package.","wrong":"from requests_ntlm import HttpNtlmAuth","symbol":"HttpNtlmAuth","correct":"from requests_ntlm2 import HttpNtlmAuth"},{"note":"Required for NTLM authentication with HTTP CONNECT proxies.","symbol":"HttpNtlmAdapter","correct":"from requests_ntlm2 import HttpNtlmAdapter"},{"note":"Used to specify NTLM compatibility levels (e.g., NTLMv2, LM_AND_NTLMv1_WITH_ESS).","symbol":"NtlmCompatibility","correct":"from requests_ntlm2 import NtlmCompatibility"}],"quickstart":{"code":"import requests\nfrom requests_ntlm2 import HttpNtlmAuth\nimport os\n\n# Replace with your NTLM domain, username, and password\nNTLM_USERNAME = os.environ.get('NTLM_USERNAME', 'DOMAIN\\\\username')\nNTLM_PASSWORD = os.environ.get('NTLM_PASSWORD', 'password')\nTARGET_URL = os.environ.get('TARGET_URL', 'http://ntlm_protected_site.com')\n\n# Basic NTLM authentication\ntry:\n    auth = HttpNtlmAuth(NTLM_USERNAME, NTLM_PASSWORD)\n    response = requests.get(TARGET_URL, auth=auth)\n    response.raise_for_status() # Raise an exception for bad status codes\n    print(f\"Successfully authenticated to {TARGET_URL}. Status: {response.status_code}\")\n    # print(response.text[:200]) # Print first 200 characters of content\nexcept requests.exceptions.RequestException as e:\n    print(f\"Error during basic NTLM authentication: {e}\")\n\n# Using with a Session for efficiency (recommended for multiple requests)\nfrom requests import Session\nsession = Session()\nsession.auth = HttpNtlmAuth(NTLM_USERNAME, NTLM_PASSWORD)\n\ntry:\n    session_response = session.get(TARGET_URL)\n    session_response.raise_for_status()\n    print(f\"Successfully authenticated with session to {TARGET_URL}. Status: {session_response.status_code}\")\nexcept requests.exceptions.RequestException as e:\n    print(f\"Error during session NTLM authentication: {e}\")","lang":"python","description":"This quickstart demonstrates basic NTLM authentication with `requests-ntlm2` using `HttpNtlmAuth`. It also shows the recommended approach of using it with a `requests.Session` for improved efficiency and connection pooling. Replace placeholder environment variables with your actual NTLM credentials and target URL."},"warnings":[{"fix":"Ensure your project runs on Python 3.x (3.6+ is recommended as per PyPI classifiers for similar NTLM libraries).","message":"Version 6.6.0 removed support for Python 2.x. This version and future releases are strictly Python 3.x only. [cite: Changelog for 6.6.0]","severity":"breaking","affected_versions":">=6.6.0"},{"fix":"Specify the `ntlm_compatibility` parameter when initializing `HttpNtlmAuth`, using constants from `requests_ntlm2.NtlmCompatibility`. For example, `HttpNtlmAuth(username, password, ntlm_compatibility=NtlmCompatibility.LM_AND_NTLMv1_WITH_ESS)` for level 1.","message":"By default, `requests-ntlm2` uses NTLM compatibility level 3, which supports NTLMv2 only. Older NTLM environments might require a different compatibility level.","severity":"gotcha","affected_versions":"All"},{"fix":"Mount the `HttpNtlmAdapter` to your `requests.Session` for both `http://` and `https://` protocols when dealing with NTLM-authenticated proxies.","message":"For HTTPS CONNECT proxies requiring NTLM authentication, `HttpNtlmAuth` alone is insufficient. You must use `HttpNtlmAdapter` with a `requests.Session`.","severity":"gotcha","affected_versions":"All"},{"fix":"Always use `HttpNtlmAuth` in conjunction with a `requests.Session` object to leverage connection pooling and optimize NTLM authentication.","message":"Making multiple NTLM-authenticated requests without a `requests.Session` can be inefficient as each request performs a new NTLM challenge-response handshake.","severity":"gotcha","affected_versions":"All"}],"env_vars":null,"last_verified":"2026-04-16T00:00:00.000Z","next_check":"2026-07-15T00:00:00.000Z","problems":[{"fix":"Use `HttpNtlmAdapter` with `requests.Session` and mount it to handle the proxy authentication: `session = requests.Session(); session.mount('https://', HttpNtlmAdapter(auth=HttpNtlmAuth(username, password)))`.","cause":"This error typically indicates that your HTTPS proxy requires NTLM authentication for the CONNECT method, but `requests-ntlm2` is not configured to handle it at the `httplib` level.","error":"ConnectionError: HTTPSConnectionPool(host='...', port=443): Max retries exceeded with url: / (Caused by ProxyError('Cannot connect to proxy.', error('Tunnel connection failed: 407 Proxy Authentication Required',)))"},{"fix":"Ensure `pip install requests-ntlm2` completed successfully. Check your working directory for any files that might shadow the installed package. If using a virtual environment, activate it.","cause":"The `requests-ntlm2` package is either not installed, or Python is trying to import it from a conflicting directory (e.g., a local file named `requests_ntlm2.py`).","error":"ImportError: No module named requests_ntlm2"},{"fix":"Verify the username (including domain, e.g., `DOMAIN\\username`) and password. Experiment with different `NtlmCompatibility` levels if the credentials are known to be correct but still failing.","cause":"This usually means the NTLM credentials provided are incorrect, or the server's NTLM configuration does not accept the client's authentication attempt (e.g., unsupported NTLM compatibility level).","error":"requests.exceptions.HTTPError: 401 Client Error: Unauthorized for url: ..."}]}