Last updated
Was this helpful?
Last updated
Was this helpful?
Find the Python source code in the
Using token only to generate a new config (for later usage) requires at least one read operation to bind the token and fully populate config.json
Response
Type: Record[]
All Keeper records, or records with the given UIDs
This shortcut gets the password of a secret once that secret has been retrieved from Keeper Secrets Manager.
It is possible for multiple fields of the same custom type to appear on a single record, to differentiate these fields, the field label is required.
Response
Type: String
or String[]
the value or values of the field. Will be a single value only if the single=True
option is passed.
Type: string
or string[]
The value of the queried field
Record update commands don't update local record data on success (esp. updated record revision) so any consecutive updates to an already updated record will fail due to revision mismatch. Make sure to reload all updated records after each update batch.
Save Changes to a Secret
Each parameter indicates the min number of a type of character to include. For example, 'uppercase' indicates the minimum number of uppercase letters to include.
Upload File:
Creating the Keeper File Upload Object:
Upload File
Keeper File Upload From File
Type: string
The file UID of the attached file
Shared folder UID
Shared folder must be accessible by the Secrets Manager Application
You and the Secrets Manager application must have edit permission
There must be at least one record in the shared folder
Created records and record fields must be formatted correctly
TOTP fields accept only URL generated outside of the KSM SDK
Type: string
The record UID of the new record
The Python KSM SDK can delete records in the Keeper Vault.
To protect against losing access to your secrets when network access is lost, the Python SDK allows caching of secrets to the local machine in an encrypted file.
Setup and Configure Cache
In order to setup caching in the Python SDK, include a caching post function when creating a SecretsManager
object.
The Python SDK includes a default caching function in KSMCache
class which stores cached queries to a local file thus serving as a disaster recovery function (as long as there's network connectivity it always prefers network over cached data and will use cache only if web vault is inaccessible). You can create your own caching function using KSMCache
as a starting point - ex. one that prefers local cache over network access and provide own cache management (ex. refresh cached data once every 5 min)
The default caching function in KSMCache
class always stores last request only - ex. filtered request on UID1 but on disconnect request UID2 from same cache will return empty response (although UID2 may be shared to the same KSM app but it was not cached)
Updating a record from cache (or creating new record) invalidates cached record data and consecutive updates of the same record will fail. Batch updates work as long as they modify different records. Always follow up cached record updates with a call to get_secrets
function to refresh cache (and pull updated metadata from vault like the new record revision etc.)
Folders have full CRUD support - create, read, update and delete operations.
Downloads full folder hierarchy.
Response
Type: List[KeeperFolder]
Example Usage
Requires CreateOptions
and folder name to be provided. The folder UID parameter in CreateOptions
is required - UID of a shared folder, while sub-folder UID is optional and if missing new regular folder is created directly under the parent (shared folder). There's no requirement for the sub-folder to be a direct descendant of the parent shared folder - it could be many levels deep.
Example Usage
Updates the folder metadata - currently folder name only.
Example Usage
Removes a list of folders. Use force_deletion
flag to remove non-empty folders.
When using force_deletion
avoid sending parent with its children folder UIDs. Depending on the delete order you may get an error - ex. if parent force-deleted child first. There's no guarantee that list will always be processed in FIFO order.
Any folders UIDs missing from the vault or not shared to the KSM Application will not result in error.
Example Usage
Fields are found by type, for a list of field types see the documentation.
Custom fields are any field that is not part of the record type definition, but can be added by users. For a list of fields in each standard record type, see the documentation.
See to learn about Keeper Notation format and capabilities
Set field values using the method.
Fields are found by type, for a list of field types see the documentation. Some fields have multiple values, in these cases the value can be set to a list.
Fields are found by type, for a list of field types see the documentation.
See the for expected field formats for each record type
After record creation, you can upload file attachments using
Parameter
Type
Required
Default
Description
uids
String[]
Optional
None
Record UIDs to fetch
Parameter
Type
Required
Default
Description
field_type
String
Yes
Field type to get
single
boolean
Optional
False
Return only the first value
value
String
or String[]
Optional
None
If passed, set the value of the field to the given value
Parameter
Type
Required
Default
Description
label
String
Yes
Label of the custom field
field_type
String
Yes
Field type to get
single
boolean
Optional
False
Return only the first value
value
String
or String[]
Optional
None
If passed, set the value of the field to the given value
record_title
String
Yes
Record title to search for
Parameter
Type
Required
Default
Description
query
String
Yes
Keeper Notation query for getting a value from a specified field
Parameter
Type
Required
Default
Description
url
String
Yes
TOTP Url
record
KeeperRecord
Yes
Storage and query configuration
Parameter
Type
Required
Default
Description
field_type
String
Yes
Field type to get
single
boolean
Optional
False
Return only the first value
value
String
or String[]
Optional
None
If passed, set the value of the field to the given value
Parameter
Type
Required
Default
Description
label
String
Yes
Label of the custom field
field_type
String
Yes
Field type to get
single
boolean
Optional
False
Return only the first value
value
String
or String[]
Optional
None
If passed, set the value of the field to the given value
length
int
Optional
64
lowercase
int
Optional
0
uppercase
int
Optional
0
digits
int
Optional
0
specialCharacters
int
Optional
0
Parameter
Type
Required
Default
Description
file_path
String
Yes
Path to save file to
create_folders
boolean
No
False
Create folders in the file_path if not present
owner_record
KeeperRecord
Yes
The record to attach the uploaded file to
file
KeeperFileUpload
Yes
The File to upload
path
string
Yes
Path to the file to upload
file_name
string
No
None
What the name of the file will be in Keeper once uploaded
file_title
string
No
None
What the title of the file will be in Keeper once uploaded
mime_type
string
No
None
The type of data in the file. If none is provided, 'application/octet-stream' will be used
folder_uid
String
Yes
record
KeeperRecord
Yes
create_options
CreateOptions
Yes
record
KeeperRecord
Yes
record_uid
string
Yes
create_options
CreateOptions
Yes
The parent and sub-folder UIDs
folder_name
str
Yes
The Folder name
folders
List[KeeperFolder]
No
None
List of folders to use in the search for parent and sub-folder from CreateOptions
folder_uid
str
Yes
The folder UID
folder_name
str
Yes
The new folder name
folders
List[KeeperFolder]
No
None
List of folders to use in the search for parent folder
folder_uids
List[str]
Yes
The folder UID list
force_deletion
bool
No
False
Force deletion of non-empty folders
Detailed Python SDK docs for Keeper Secrets Manager
Parameter
Required
Description
Type
token
Yes
One Time Access Token
String
config
Yes
Storage Configuration
KeyValueStorage