{"id":9355,"library":"taxii2-client","title":"TAXII 2 Client Library","description":"taxii2-client is a minimal Python client library for the Trusted Automated eXchange of Indicator Information (TAXII) 2.x specification. It supports both TAXII 2.0 and 2.1, enabling interaction with TAXII servers for cyber threat intelligence (CTI) exchange, including server discovery, API root information, collection management, and object retrieval/addition. It is currently at version 2.3.0 and is maintained by OASIS Open as an OASIS TC Open Repository.","status":"active","version":"2.3.0","language":"en","source_language":"en","source_url":"https://github.com/oasis-open/cti-taxii-client","tags":["taxii","stix","cyber security","threat intelligence","client","cti"],"install":[{"cmd":"pip install taxii2-client","lang":"bash","label":"Install latest version"}],"dependencies":[],"imports":[{"note":"Imports the TAXII 2.1 Server class by default from version 2.0.0 onwards.","symbol":"Server","correct":"from taxii2client.v21 import Server"},{"note":"Explicitly import for TAXII 2.0 compatibility if not using 2.1 features.","symbol":"Server (for v20)","correct":"from taxii2client.v20 import Server"},{"note":"Similarly, ApiRoot, Collection, and Status classes can be imported from v20 or v21 subpackages.","symbol":"ApiRoot","correct":"from taxii2client.v21 import ApiRoot"}],"quickstart":{"code":"import os\nfrom taxii2client.v21 import Server\n\n# Replace with your TAXII server URL and credentials\nTAXII_SERVER_URL = os.environ.get('TAXII_SERVER_URL', 'https://example.com/taxii2/')\nTAXII_USER = os.environ.get('TAXII_USER', 'guest')\nTAXII_PASSWORD = os.environ.get('TAXII_PASSWORD', 'guest_password')\n\ntry:\n    # Initialize the Server object\n    server = Server(TAXII_SERVER_URL, user=TAXII_USER, password=TAXII_PASSWORD)\n    print(f\"Connected to TAXII Server: {server.title}\")\n\n    # Iterate through API Roots\n    for api_root in server.api_roots:\n        print(f\"\\n  API Root: {api_root.title} ({api_root.versions})\")\n        \n        # Iterate through Collections in each API Root\n        for collection in api_root.collections:\n            print(f\"    Collection ID: {collection.id}, Title: {collection.title}, Can Read: {collection.can_read}\")\n\n            # Example: Fetching objects from a readable collection (optional)\n            if collection.can_read:\n                # This is a simplified example; real-world usage might require pagination (as_pages)\n                # and filtering. 'objects' attribute is lazy-loaded.\n                # objects_gen = collection.get_objects(limit=10) # For paginated requests\n                # for obj in objects_gen:\n                #     print(f\"        Object ID: {obj['id']}\")\n                pass\n\nexcept Exception as e:\n    print(f\"An error occurred: {e}\")","lang":"python","description":"This quickstart connects to a TAXII 2.1 server, authenticates, retrieves available API Roots, and then lists the collections within each root. It demonstrates basic server and API root discovery. Authentication details are stored in the `Server` instance for subsequent requests."},"warnings":[{"fix":"Upgrade your Python interpreter to version 3.5 or later.","message":"Version 2.2.0 dropped support for Python versions older than 3.5. Ensure your environment is running Python 3.5 or newer.","severity":"breaking","affected_versions":">=2.2.0"},{"fix":"Use `from taxii2client.v20 import Server` (or `ApiRoot`, `Collection`, etc.) for TAXII 2.0 compatibility.","message":"Starting with version 2.0.0, importing `taxii2client` directly will default to loading TAXII 2.1 classes (e.g., `from taxii2client.v21 import Server`). If you intend to work with TAXII 2.0, you must explicitly import from the `v20` subpackage.","severity":"gotcha","affected_versions":">=2.0.0"},{"fix":"Always use fully qualified and correctly formatted URLs. For example, 'https://example.com/taxii2/' instead of 'https://example.com/taxii2'.","message":"When constructing URLs for TAXII endpoints, ensure they are correctly formatted, including trailing slashes where expected by the server. Older versions had issues with missing trailing slashes, and while fixed in the client, server-side requirements remain.","severity":"gotcha","affected_versions":"<=0.5.0 (client-side fix), all versions (server-side dependency)"},{"fix":"Check `collection.can_read` or `collection.can_write` before attempting respective operations, or ensure your user credentials have the appropriate permissions on the TAXII server.","message":"Attempting to read from or write to a TAXII Collection without the necessary permissions will result in an `AccessError` exception. Collections have `can_read` and `can_write` attributes.","severity":"gotcha","affected_versions":"All versions"}],"env_vars":null,"last_verified":"2026-04-16T00:00:00.000Z","next_check":"2026-07-15T00:00:00.000Z","problems":[{"fix":"Verify that the `user` and `password` parameters (or other authentication methods like `auth` or `cert`) passed to the `Server` constructor are correct for the TAXII server you are connecting to. Ensure environment variables for credentials are set correctly.","cause":"The client failed to authenticate with the TAXII server due to incorrect or missing credentials (username/password/API key).","error":"taxii2client.exceptions.TAXIIServiceException: 401 Unauthorized"},{"fix":"Check the `can_read` and `can_write` attributes of the `Collection` object. Ensure the credentials used have sufficient privileges on the TAXII server for the desired operation.","cause":"The authenticated user lacks the necessary read or write permissions for the target TAXII collection.","error":"taxii2client.exceptions.AccessError: Attempt was made to read/write to a collection when the collection doesn't allow that operation."},{"fix":"Inspect the raw response content if possible (e.g., via `server._conn.get('your_url')._raw.text`) to diagnose the server's output. Contact the TAXII server administrator if the issue persists and appears server-side.","cause":"The TAXII server's response was not a valid JSON document, which can happen due to server errors or malformed responses.","error":"taxii2client.exceptions.InvalidJSONError: A server endpoint gave us invalid JSON."},{"fix":"Review the data you are sending to the TAXII server to ensure it complies with the STIX specification (e.g., STIX 2.1) and any server-specific validation rules for the target collection.","cause":"An operation, such as adding objects to a collection, involved data that did not conform to the expected schema or constraints (e.g., STIX format).","error":"taxii2client.exceptions.ValidationError: Data validation failed for a property or group of properties"}]}