API Client
This guide covers initializing and using the Phase to Phase API client for cloud-based network operations.
Full Example
View the complete code: 05_api_client.py
Overview
The Client class provides authenticated access to the Phase to Phase cloud API. It handles OAuth2 authentication and provides methods for remote network operations.
Initialization Methods
Method 1: Environment Variables (Recommended)
from pyptp import Client
# Requires PYPTP_CLIENT_ID and PYPTP_CLIENT_SECRET environment variables
client = Client()This is the recommended approach for production deployments. Credentials stay out of source code.
Required environment variables:
| Variable | Description |
|---|---|
PYPTP_CLIENT_ID | Your API client ID |
PYPTP_CLIENT_SECRET | Your API client secret |
Method 2: Credentials Object
from pyptp import Client, Credentials
creds = Credentials(client_id="your-client-id", client_secret="your-secret")
client = Client(credentials=creds)Useful when credentials come from a secrets manager or configuration system.
Method 3: Direct Parameters
client = Client(client_id="your-client-id", client_secret="your-secret")Convenient for scripts and development, but avoid hardcoding secrets in production code.
Method 4: Environment-Specific
client = Client.for_environment(
"acceptance",
client_id="your-client-id",
client_secret="your-secret",
)Use this when targeting different API environments.
Available environments:
| Environment | Purpose |
|---|---|
acceptance | Testing and integration |
test | Quality assurance |
production | Live operations |
Authentication
The client automatically handles OAuth2 token acquisition and refresh:
# Token is acquired automatically on first API call
# Manual token retrieval (if needed)
token = client.get_token()Token Management
Tokens are cached and automatically refreshed when expired. You typically don't need to manage tokens manually.
Security Best Practices
Environment Variables
# .env file (never commit to version control)
PYPTP_CLIENT_ID=your-client-id
PYPTP_CLIENT_SECRET=your-secret# Load with python-dotenv
from dotenv import load_dotenv
load_dotenv()
client = Client() # Reads from environmentSecrets Managers
# AWS Secrets Manager example
import boto3
import json
def get_pyptp_client():
sm = boto3.client("secretsmanager")
secret = json.loads(
sm.get_secret_value(SecretId="pyptp-credentials")["SecretString"]
)
return Client(
client_id=secret["client_id"],
client_secret=secret["client_secret"],
)Configuration Files
# config.yaml (encrypted or restricted access)
# pyptp:
# client_id: your-client-id
# client_secret: your-secret
import yaml
with open("config.yaml") as f:
config = yaml.safe_load(f)
client = Client(**config["pyptp"])Complete Example
"""API Client Usage Examples.
Shows different ways to initialize and use the Phase to Phase API client.
"""
from pyptp import Client, Credentials
# Method 1: From environment variables
# Requires PYPTP_CLIENT_ID and PYPTP_CLIENT_SECRET set in environment
client = Client()
# Method 2: Using Credentials object
creds = Credentials(client_id="your-client-id", client_secret="your-secret")
client = Client(credentials=creds)
# Method 3: Direct parameters
client = Client(client_id="your-client-id", client_secret="your-secret")
# Method 4: For specific environment (acceptance/test/production)
client = Client.for_environment(
"acceptance",
client_id="your-client-id",
client_secret="your-secret",
)
# Using the client
# token = client.get_token()
# networks = client.list_networks()