pypresscart

Auth¶

Access token introspection.

client.auth  # AuthResource

Methods¶

`whoami()`¶

Verify the current API token and return its metadata.

def whoami(
    *,
    as_json: bool | None = None,
) -> TokenInfo | dict

HTTP GET /auth/token Scope any valid token Returns TokenInfo. Key fields:

Field	Type	Description
`source`	`str`	`"api_token"` for tokens issued from the dashboard
`team_id`	`str`	UUID of the owning team
`token_type`	`"full_access"` \| `"custom"` \| `"read_only"`	See Authentication and Scopes
`scopes`	`list[str]`	Explicit scopes (empty for `full_access`)
`pro_pricing_enabled`	`bool`	Whether the team is on pro pricing

Example

info = client.auth.whoami()
print(info.team_id, info.token_type)
for scope in info.scopes:
    print("-", scope)

Errors

AuthenticationError (401) — token missing, malformed, expired, or revoked.

Recipes¶

Fail fast on missing scopes¶

REQUIRED = {"orders.create", "campaigns.update"}

info = client.auth.whoami()
missing = REQUIRED - set(info.scopes)
if info.token_type != "full_access" and missing:
    raise RuntimeError(f"token missing: {sorted(missing)}")

Log token metadata on startup¶

import logging
info = client.auth.whoami()
logging.info("presscart team=%s type=%s scopes=%s", info.team_id, info.token_type, len(info.scopes))