FastAPI SDK

get401-fastapi wraps get401-core into clean, type-safe FastAPI dependencies for authentication, role-based access, and scope enforcement.

GitHub: get401/python-fastapi

Installation

pip install get401-fastapi

Setup

Create a single Get401Auth instance and reuse it across your application:

# auth.py
from get401_fastapi import Get401Auth
 
auth = Get401Auth(
    app_id="your-app-id",
    origin="https://yourapp.com",
)

Protecting Routes

Require authentication

from fastapi import FastAPI, Depends
from get401_core import TokenClaims
from .auth import auth
 
app = FastAPI()
 
@app.get("/me")
async def me(claims: TokenClaims = Depends(auth.require())):
    return {"user_id": claims.sub, "roles": claims.roles}

Require roles

# At least one role (default)
@app.get("/dashboard")
async def dashboard(claims: TokenClaims = Depends(auth.require_roles(["USER"]))):
    return {"user_id": claims.sub}
 
# All roles must be present
@app.delete("/admin/user/{user_id}")
async def delete_user(
    user_id: str,
    claims: TokenClaims = Depends(auth.require_roles(["ADMIN", "SUPERUSER"], require_all=True)),
):
    ...

Require scope

@app.post("/reports/export")
async def export_report(claims: TokenClaims = Depends(auth.require_scope("reports:export"))):
    ...

Optional authentication

Returns None for unauthenticated requests instead of raising 401:

from typing import Optional

# personalized_feed() and public_feed() are your application's own functions.
@app.get("/feed")
async def feed(claims: Optional[TokenClaims] = Depends(auth.optional())):
    if claims:
        return personalized_feed(claims.sub)
    return public_feed()

Dependency Reference

Method                                        Returns                Description
auth.require()                                TokenClaims            Valid token required - raises 401 otherwise
auth.optional()                               Optional[TokenClaims]  Returns claims or None - never raises
auth.require_roles(roles, require_all=False)  TokenClaims            Valid token + role check - raises 403 on mismatch
auth.require_scope(scope)                     TokenClaims            Valid token + scope check - raises 403 on mismatch

HTTP Responses

Situation                   Status
Missing aact cookie         401
Expired token               401
Invalid / tampered token    401
Missing role or scope       403
get401 backend unreachable  503
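
The any-versus-all role semantics and the 401/403 split from the two tables above, as an added stand-alone model. It is not get401-fastapi code: Claims, decide and the scopes field are assumptions made for this example, 200 stands for "the handler runs", and the 503 case is left out because the page does not say where the backend call sits in the order of checks.

```python
# Added illustration: a stand-alone model of the documented outcomes.
# It is NOT get401-fastapi code; Claims and decide() are hypothetical names.
from dataclasses import dataclass
from typing import Optional, Sequence


@dataclass
class Claims:
    """Constructed stand-in for TokenClaims. Only sub and roles appear on the
    page; the scopes field is an assumption of this example."""
    sub: str
    roles: Sequence[str] = ()
    scopes: Sequence[str] = ()


def decide(claims: Optional[Claims], *, roles: Optional[Sequence[str]] = None,
           require_all: bool = False, scope: Optional[str] = None) -> int:
    """Return the status the tables describe; 200 means the handler runs.

    claims=None models a missing cookie, an expired token or a tampered token.
    """
    if roles is not None and len(roles) == 0:
        # Defensive choice of this model: all([]) is True, so an empty list
        # with require_all=True would otherwise admit every caller.
        raise ValueError("roles must not be empty")
    if claims is None:
        return 401  # authentication is decided before any role or scope check
    if roles is not None:
        held = set(claims.roles)
        match = all if require_all else any
        if not match(r in held for r in roles):
            return 403
    if scope is not None and scope not in claims.scopes:
        return 403
    return 200


# Constructed sample callers.
admin_only = Claims(sub="u1", roles=["ADMIN"])
both = Claims(sub="u2", roles=["ADMIN", "SUPERUSER"], scopes=["reports:export"])

if __name__ == "__main__":
    wanted = ["ADMIN", "SUPERUSER"]
    # With the default require_all=False, holding either role is enough.
    print(decide(admin_only, roles=wanted))
    print(decide(admin_only, roles=wanted, require_all=True))
    print(decide(both, roles=wanted, require_all=True))
```

When a route lists several roles, check whether any-of is really what you intend; the default admits a caller holding just one of them.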