
Security News
Meet Socket at Black Hat and DEF CON 2025 in Las Vegas
Meet Socket at Black Hat & DEF CON 2025 for 1:1s, insider security talks at Allegiant Stadium, and a private dinner with top minds in software supply chain security.
directory-api-client
Advanced tools
Great API client.
$ pip install directory-api-client
The api client expects the following settings:
Setting | Notes |
---|---|
DIRECTORY_API_CLIENT_BASE_URL | |
DIRECTORY_API_CLIENT_API_KEY | Unique to client. Retrieved during the on-boarding process. |
DIRECTORY_API_CLIENT_SENDER_ID | Unique to client. Retrieved during the on-boarding process. |
DIRECTORY_API_CLIENT_DEFAULT_TIMEOUT |
The following directory client core settings also apply to directory cms client:
Setting | Notes |
---|---|
DIRECTORY_CLIENT_CORE_CACHE_EXPIRE_SECONDS | Duration to store the retrieved content in the cache. |
DIRECTORY_CLIENT_CORE_CACHE_LOG_THROTTLING_SECONDS | Duration to throttle log events for a given url for. |
And the caching expects the following key in CACHES setting: api_fallback
Once that is done the API client can be used:
from directory_api_client.client import api_client
$ git clone https://github.com/uktrade/directory-api-client
$ cd directory-api-client
$ [create virtual environment and activate]
$ make test_requirements
Use make checks
to validate the codebase with black
and isort
, in dry-run mode
Use make autoformat
to run black
and isort
in file-updating mode
Where feasible the response is cached to the client's fallback cache. This allows retrieval later if API returns non successful response or times out.
When enabling the fallback cache on a handler make sure that the request's querystring or url path are unique per user, otherwise the User B's details could be leaked User A.
For example, api_client.company.profile_retrieve
looks up the company for the authenticated user. The authentication header is not used when generating the cache key for the response. This means for that endpoint the querystring and url are the same for all users, so the cache key would therefore also be the same for all users. This means if API was down then all users would see the company details for the last user to successfully retrieve their company.
The package should be published to PyPI on merge to master. If you need to do it locally then get the credentials from rattic and add the environment variables to your host machine:
Setting |
---|
DIRECTORY_PYPI_USERNAME |
DIRECTORY_PYPI_PASSWORD |
Then run the following command:
$ make publish
FAQs
Python client for Directory API.
We found that directory-api-client demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Meet Socket at Black Hat & DEF CON 2025 for 1:1s, insider security talks at Allegiant Stadium, and a private dinner with top minds in software supply chain security.
Security News
CAI is a new open source AI framework that automates penetration testing tasks like scanning and exploitation up to 3,600× faster than humans.
Security News
Deno 2.4 brings back bundling, improves dependency updates and telemetry, and makes the runtime more practical for real-world JavaScript projects.