Python

The core integration points here are as follows:

Direct users to the Civic Auth login page
Set up an endpoint that the auth server should redirect to once complete
Set up middleware to ensure only logged-in users can access protected parts of your app.

Use these guides to set up Civic Auth with any of the most common Python web frameworks.

Installation

Install the Civic Auth Python SDK using pip:

pip install civic-auth

For framework-specific integrations:

pip install "civic-auth[fastapi]"

pip install "civic-auth[flask]"

pip install "civic-auth[django]"

If you're using the uv package manager:

uv add "civic-auth[fastapi]"

uv add "civic-auth[flask]"

uv add "civic-auth[django]"

Usage

The Civic Auth Python SDK provides a flexible API that works with any Python web framework. For framework-specific integrations, see the guides above.

Getting User Information on the Backend

Here are some examples of using the get_user function in popular Python server environments. Note - this snippet assumes you have followed the steps to integrate login with your app as described here.

from fastapi import Depends
from civic_auth.integrations.fastapi import create_auth_dependencies, create_auth_router

civic_auth_dep, get_current_user, require_auth = create_auth_dependencies(config)

@app.get("/admin/hello", dependencies=[Depends(require_auth)])
async def hello(user = Depends(get_current_user)):
    return f"hello {user.name}!"

from civic_auth.integrations.flask import get_civic_user, civic_auth_required

@app.route("/admin/hello")
@civic_auth_required
async def hello():
    user = await get_civic_user()
    return f"hello {user.name}!"

from civic_auth.integrations.django import civic_auth_required

@civic_auth_required
def hello(request):
    user = request.civic_user
    return HttpResponse(f"hello {user.name}!")

Getting the Access Token

Use CivicAuth-managed storage to retrieve tokens. Prefer the SDK helper that exposes a CivicAuth instance and call await civic.get_tokens() (auto-refreshes when needed). If your endpoint receives a bearer token from a frontend, you can also read it from the Authorization header.

# Preferred: via CivicAuth instance
tokens = await civic.get_tokens()  # { 'access_token': '...', 'id_token': '...', ... }
access_token = tokens["access_token"]

# Fallback: read bearer token from headers (example)
auth = request.headers.get("Authorization", "")
access_token = auth.removeprefix("Bearer ").strip()

info

Need structured validation? See the Pydantic AI recipe: /civic/recipes/pydantic-ai.

Installation​

Usage​

Getting User Information on the Backend​

Getting the Access Token​

Installation

Usage

Getting User Information on the Backend

Getting the Access Token