APIs are the backbone of modern applications, enabling seamless integration between different systems. However, interacting with APIs often requires authentication, which varies across APIs. In this article, I’ll show you how to build a reusable Python function that supports Bearer Token, Basic Authentication, and APIs that require no authentication. By the end, you’ll have a handy function to fetch data regardless of the authentication method.
The Problem
When working with APIs, you often encounter different authentication methods:
- Bearer Token: Requires obtaining a token before accessing the API.
- Basic Authentication: Uses a username and password.
- No Authentication: Requires no special credentials.
Handling all these methods efficiently requires flexibility in your code. Let’s explore a solution!
Python Function Overview
We define a generic function fetch_api_data() which takes in:
- auth_type: The type of authentication (bearer_token, basic_auth, no_auth)
- api_details: Dictionary with endpoint URL, headers, credentials, etc.
- key_vault_config (optional): Used in basic_auth to fetch secrets from Azure Key Vault.
- Optional: Fetch credentials securely from Azure Key Vault
Install Required Libraries
The Solution: A Versatile Python Function
Here’s a Python function that can handle the most common authentication types and return the API data in JSON format.
Imports
This helper function get_secret_from_keyvault() securely retrieves secrets (like usernames, passwords, or tokens) from Azure Key Vault.
DefaultAzureCredential()automatically handles identity (e.g., managed identity, CLI login, etc.).SecretClientconnects to your Key Vault using the given URL.get_secret(secret_name).valuefetches the actual secret value by name.
Best Practice: Avoid hardcoding credentials. Instead, store them in Azure Key Vault and access them securely at runtime using this function.
The fetch_api_data() Function is a unified utility to fetch data from any REST API by handling different types of authentication methods
Example Use Cases
Let’s dive into how you can use this function with real-world examples.
1. Bearer Token Authentication
APIs requiring bearer tokens typically need you to fetch a token first. Here’s how you can use this function:
2. Basic Authentication
For APIs that use a username and password, provide the credentials as follows:
3. No Authentication
If the API doesn’t require authentication, just pass the URL and optional headers.
Output Examples
Here’s what the function might return for each case:
Bearer Token, Basic Auth, No Auth:
Conclusion
With this flexible utility, you can securely connect to APIs regardless of how they authenticate — from simple public endpoints to enterprise-level OAuth services.
Key benefits:
- Secret management with Azure Key Vault
- Centralized logic for API calls
- Support for all major auth types
Now, go ahead and integrate this function into your projects! Let me know in the comments if you’ve tried it or if you have questions.