Starting the CIAM migration process using Python

kyle
kyle Newcomer
edited December 2024 in Refinitiv Data Platform Libraries

We just learned about the need to upgrade to V2 authentication. We have generated a service account, and have a key. The next step is to ?replace? our existing Python client.

I assume we should be using the library here https://pypi.org/project/lseg-data/ ; it shows some examples. Are there a working versions of these examples? Stepping through the library code, it seems to be looking for a config file, and I assume that config file is some particular format. A working example would probably show that, along with other environment-specific configuration.

Thank you.

Tagged:

Answers

  • Jirapongse
    Jirapongse ✭✭✭✭✭

    @kyle

    Thank you for reaching out to us.

    If you directly a WebSocket API to retrieve real-time data from Real-Time Optimized, you can refer to the Real-Time WebSocket API: The Real-Time Optimized Version 2 Authentication Migration Guide article.

    If you would like to use LSEG Data Library, you can use the following configurations in the lseg-data.config.json file.

      },
    "sessions": {
        "default": "platform.ldp",
        "platform": {
            "ldp": {                
                "client_id": "<Client_ID>",
                "client_secret": "<Client_Secret>",
                "app-key": "<App Key>"
            },

    Then, I tested it with the EX-3.02.01-OMMStream-MarketPrice.ipynb example on GitHub.

  • kyle
    kyle Newcomer
    https://community.developers.refinitiv.com/discussion/comment/123060#Comment_123060

    Thank you for the quick reply.

    I am not using a jupiter notebook environment, I am using Python3.12 in docker (3.12.7-alpine3.20). Reading the examples (https://github.com/Refinitiv/websocket-api/tree/master/Applications/Examples/RDP/python), I assume the <clientId> mentioned in the docs is actually the service id from the "LSEG Platform Administration page" (https://platformadmin.refinitiv.com/Apps/platform-administration/)

    Is there an extra step required before I can use the Application ID and the generated secret?

    Thank you

    Here is my session:

    python3 market_price_rdpgw_client_cred_auth.py --clientid GE-N7RX5UH7R24U --clientsecret <deleted> 

    2024-11-29 16:42:02.219747 Sending authentication request with client credentials to  https://api.refinitiv.com/auth/oauth2/v2/token ...

    Refinitiv Data Platform authentication HTTP code: 401 Unauthorized

    Unrecoverable error: stopped retrying request

    Failed initial authentication with Refinitiv Data Platform. Exiting...

  • wasin.w
    wasin.w admin

    Hello @kyle

    The examples on Refinitiv/websocket-api Github repository are for the core https://developers.lseg.com/en/api-catalog/real-time-opnsrc/websocket-api . An application needs to handle everything (connection management, ping-pong message, subscription management, etc.) by itself.

    On the other hand, the https://developers.lseg.com/en/api-catalog/lseg-data-platform/lseg-data-library-for-python is the ease-of-use library that build on top of the WebSocket API. It can be used with any types of applications such as console application, Jupyter Notebook, back-end service, etc. We just provide examples as the Jupyter Notebook for developers on the https://github.com/LSEG-API-Samples/Example.DataLibrary.Python GitHub, but you can use it with a console application inside Docker.

    About your "I assume the <clientId> mentioned in the docs is actually the service id from the "LSEG Platform Administration page" (https://platformadmin.refinitiv.com/Apps/platform-administration/)" message, it is correct. The service id is the client-id.

    Back to the issue, the following message indicates that your credential does not have a permission to the authorize with the RDP Login service which is required by the RTO.

    2024-11-29 16:42:02.219747 Sending authentication request with client credentials to  https://api.refinitiv.com/auth/oauth2/v2/token ...

    Refinitiv Data Platform authentication HTTP code: 401 Unauthorized

    You can verify your RTO credential with the following cURL command:

    curl  -X POST \
    
  'https://api.refinitiv.com:443/auth/oauth2/v2/token' \
    
  --header 'Accept: */*' \
    
  --header 'Authorization: Bearer ' \
    
  --header 'Content-Type: application/x-www-form-urlencoded' \
    
  --data-urlencode 'client_secret={client secret}' \
    
  --data-urlencode 'client_id={client id}' \
    
  --data-urlencode 'grant_type=client_credentials' \
    
  --data-urlencode 'scope=trapi'

    I strongly suggest you contact your LSEG representative or Account manager to help you with this permission issue. It cannot be fixed programmatically.

  • kyle
    kyle Newcomer
    https://community.developers.refinitiv.com/discussion/comment/123097#Comment_123097

    Thank you very much for he curl command. I am able to get an access_token.

    { "expires_in":7199, "token_type":"Bearer", "access_token":"deleted"}

    I have contacted my Account manager to continue this conversion. My next step is to step through your client library with the debugger to figure out why market_price_rdpgw_client_cred_auth.py does not work.

Categories