The Akeyless Dev Hub

If you're looking for help with the only zero-trust, SaaS, unified platform for secrets management - you've come to the right place.

This is our documentation and updates center.


Python SDK


The Akeyless SDK for Python makes it easy for you to integrate your Python applications, libraries, or scripts with the Akeyless Vault secret management services. The below Python code examples show a typical sequence of how to integrate secrets into your application.

Install and Import the Package

$ pip install git+
$ pip install git+[email protected]<version>
import akeyless

API host configuration

Akeyless Python SDK can be used either with a public API endpoint, or with a private Akeyless API Gateway (with or without customer fragments):

# using public API endpoint
configuration = akeyless.Configuration(
        host = ""

# using private Akeyless API Gateway cluster
configuration = akeyless.Configuration(
        host = ""

Setting up Akeyless client

api_client = akeyless.ApiClient(configuration)
api = akeyless.V2Api(api_client)


To access your Akeyless Vault, the API client must first authenticate. The following examples use API Key authentication:

body = akeyless.Auth(access_id='p-1234567890', access_key='aXQncyBvbmx5IGJhc2U2NC4uLgo=')
res = api.auth(body)

# if auth was successful, there should be a token
token = res.token

The received token should be provided for every request that requires authentication.

Akeyless Universal Identity
Another way to use the SDK is using Akeyless Universal Identity:

body = akeyless.GetSecretValue(names=['my-secret'], uid_token='<some-token>')
res = api.get_secret_value(body)

Please note that for Akeyless Universal Identity authentication you should use
uid_token, while for any other authentication method you should use token.

Cloud Identity
​If your code runs in the cloud, you can use cloud identity to authenticate:

$ pip install akeyless_cloud_id
from akeyless_cloud_id import CloudId

cloud_id = CloudId()
id = cloud_id.generate()

body = akeyless.Auth(access_id='p-1234567890', access_type='aws_iam',
res = api.auth(body)
token = res.token

In this case, make sure that you use access id of an "AWS IAM" authentication
method that grants sufficient access to the host you use to run the code.


Get static secret value(s):

body = akeyless.GetSecretValue(names=['secret-1', 'secret-2'], token=token)
res = api.get_secret_value(body)

Create a new static secret

body = akeyless.CreateSecret(name='new-secret', value='my-password', token=token)

Create a new Role

body = akeyless.CreateRole(token=token, name='dev-ro')

body = akeyless.SetRoleRule(capability=['list', 'read'], path='/dev/*',
        role_name='dev-ro', token=token)

for rule_type in ['role-rule', 'item-rule', 'auth-method-rule']:
    body.rule_type = rule_type

Create a new Authentication Method

body = akeyless.CreateAuthMethod(name='dev-api-key', token=token)
res = api.create_auth_method(body)


Associate a Role with an Authentication Method

body = akeyless.AssocRoleAuthMethod(am_name='dev-api-key', role_name='dev-ro',


Method reference

For more information, see the complete API documentation:

Updated about a month ago

Python SDK

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.