Frontegg Python SDK

3.0.4 · active · verified Thu Apr 16

Frontegg is a web platform for SaaS companies to integrate managed SaaS features like authentication, authorization, and user management. The Python SDK, currently at version 3.0.4, provides tools to validate tokens, manage users, and integrate Frontegg services into Python applications. It's actively maintained with updates released based on feature development and bug fixes.

Common errors

```
AttributeError: type object 'FronteggConfig' has no attribute 'client_id'
```
cause You are attempting to access a FronteggConfig attribute (like `client_id`) before it has been set, or you are trying to instantiate `FronteggConfig` directly instead of setting its class attributes.

fix Ensure you set `FronteggConfig.client_id`, `FronteggConfig.api_key`, and `FronteggConfig.base_url` as class attributes before initializing `FronteggContext` or performing any operations.
```
frontegg.common.exceptions.FronteggException: Invalid Frontegg configuration
```
cause One or more essential Frontegg configuration parameters (client_id, api_key, base_url) are missing, empty, or malformed, preventing the SDK from initializing correctly.

fix Double-check that `FronteggConfig.client_id`, `FronteggConfig.api_key`, and `FronteggConfig.base_url` are correctly set with valid values obtained from your Frontegg Portal.
```
ModuleNotFoundError: No module named 'frontegg.sanity_middleware'
```
cause The `sanity_middleware` module was removed in Frontegg Python SDK v3.0.0 and its functionality consolidated.

fix Remove imports and usage of `frontegg.sanity_middleware`. Instead, control the middleware behavior using `FronteggConfig.middleware_access_strategy` (set to 'token' or 'cookie').
```
frontegg.common.exceptions.FronteggException: Token validation failed: Unauthorized
```
cause The provided JWT token is either invalid, expired, malformed, or signed by an issuer not recognized by your Frontegg configuration (e.g., wrong `base_url`).

fix Verify that the JWT token is valid and not expired. Ensure `FronteggConfig.base_url` correctly points to the Frontegg environment that issued the token, and that your `client_id` and `api_key` are accurate for that environment.

Warnings

breaking Major breaking changes were introduced in version 3.0.0. The configuration flow was completely revamped, core services were consolidated into `FronteggContext`, and framework-specific `Frontegg` classes (e.g., `frontegg.fastapi.Frontegg`) were removed. Additionally, the `frontegg.sanity_middleware` module was removed.
Fix: Review the official migration guide for v3.0.0. Update imports to use `from frontegg.frontegg import FronteggContext` and configure settings via `FronteggConfig` class attributes. Replace `sanity_middleware` usage with `FronteggConfig.middleware_access_strategy`.
gotcha FronteggConfig uses class attributes for its settings, making it a global configuration. This means you cannot easily manage multiple, distinct Frontegg configurations simultaneously within a single Python process (e.g., for different tenants requiring distinct API keys or base URLs).
Fix: Be aware of the global nature of `FronteggConfig`. For multi-tenant scenarios requiring isolated configurations, consider running separate processes or carefully managing configuration changes, though dynamically changing global settings per request is generally not recommended.
gotcha Direct usage of Frontegg SDK methods (e.g., for token validation) without proper integration into an asynchronous web framework (like FastAPI) might lead to blocking I/O if not correctly awaited in an `async` context. The SDK is largely designed with async operations in mind.
Fix: When using Frontegg SDK outside of framework decorators (`@with_authentication`), ensure that any potentially blocking network calls are either `await`ed in an `async` function or handled in a separate thread if your application is synchronous.

Install

pip install frontegg Install latest version

Imports

FronteggContext
wrong:
```
from frontegg.fastapi import Frontegg
```
correct:
```
from frontegg.frontegg import FronteggContext
```
The v3.x API consolidated core functionality into FronteggContext and deprecated framework-specific Frontegg classes like `frontegg.fastapi.Frontegg`.
FronteggConfig
wrong:
```
from frontegg import FronteggConfig
```
correct:
```
from frontegg.common.frontegg_config import FronteggConfig
```
FronteggConfig is located in the `frontegg.common.frontegg_config` submodule.
with_authentication
```
from frontegg.fastapi import with_authentication
```
Use framework-specific decorators for authentication middleware (e.g., from `frontegg.flask` or `frontegg.fastapi`).

Quickstart

This quickstart demonstrates how to configure and initialize the Frontegg Python SDK. It sets global configuration parameters using `FronteggConfig` class attributes and then creates an instance of `FronteggContext`, which uses these settings. While actual token validation or service calls require a valid JWT, this example ensures the basic setup is correct and environment variables are honored.

import os
from frontegg.frontegg import FronteggContext
from frontegg.common.frontegg_config import FronteggConfig

# 1. Configure Frontegg global settings
# Get your Client ID and API Key from the Frontegg Portal.
# Using environment variables is recommended for production.
FronteggConfig.client_id = os.environ.get('FRONTEGG_CLIENT_ID', 'FRONTEGG_CLIENT_ID_NOT_SET')
FronteggConfig.api_key = os.environ.get('FRONTEGG_API_KEY', 'FRONTEGG_API_KEY_NOT_SET')
FronteggConfig.base_url = os.environ.get('FRONTEGG_BASE_URL', 'https://api.frontegg.com')
FronteggConfig.middleware_access_strategy = 'token' # or 'cookie' depending on your setup

# 2. Initialize the FronteggContext (it uses the globally configured settings)
frontegg_context = FronteggContext()

# 3. Verify configuration (for demonstration purposes)
print("Frontegg SDK initialized.")
print(f"Configured Client ID: {FronteggConfig.client_id}")
print(f"Configured Base URL: {FronteggConfig.base_url}")

# In a real application, you would typically use `frontegg_context.token_service.validate_jwt()`
# or decorators like `@with_authentication` in web frameworks to protect routes.
# Example (requires a valid JWT token, which is not provided in this quickstart):
# try:
#     # For actual token validation, you'd need a real token, e.g., from an Authorization header
#     # user_info = frontegg_context.token_service.validate_jwt("YOUR_JWT_TOKEN")
#     # print(f"Token validated for user: {user_info.get('sub')}")
# except Exception as e:
#     # print(f"Token validation failed: {e}")
#     pass # Suppress error for runnable quickstart without a token

view raw JSON →