Starting the CIAM migration process using Python

kyle
kyle Newcomer

We just learned about the need to upgrade to V2 authentication. We have generated a service account, and have a key. The next step is to ?replace? our existing Python client.

I assume we should be using the library here https://pypi.org/project/lseg-data/ ; it shows some examples. Are there a working versions of these examples? Stepping through the library code, it seems to be looking for a config file, and I assume that config file is some particular format. A working example would probably show that, along with other environment-specific configuration.

Thank you.

Answers

  • Jirapongse
    Jirapongse ✭✭✭✭✭

    @kyle

    Thank you for reaching out to us.

    If you directly a WebSocket API to retrieve real-time data from Real-Time Optimized, you can refer to the Real-Time WebSocket API: The Real-Time Optimized Version 2 Authentication Migration Guide article.

    If you would like to use LSEG Data Library, you can use the following configurations in the lseg-data.config.json file.

      },
        "sessions": {
            "default": "platform.ldp",
            "platform": {
                "ldp": {                
                    "client_id": "<Client_ID>",
                    "client_secret": "<Client_Secret>",
                    "app-key": "<App Key>"
                },  
    

    Then, I tested it with the EX-3.02.01-OMMStream-MarketPrice.ipynb example on GitHub.

  • kyle
    kyle Newcomer

    Thank you for the quick reply.

    I am not using a jupiter notebook environment, I am using Python3.12 in docker (3.12.7-alpine3.20). Reading the examples (https://github.com/Refinitiv/websocket-api/tree/master/Applications/Examples/RDP/python), I assume the <clientId> mentioned in the docs is actually the service id from the "LSEG Platform Administration page" (https://platformadmin.refinitiv.com/Apps/platform-administration/)

    Is there an extra step required before I can use the Application ID and the generated secret?

    Thank you

    Here is my session:

    python3 market_price_rdpgw_client_cred_auth.py --clientid GE-N7RX5UH7R24U --clientsecret <deleted> 

    2024-11-29 16:42:02.219747 Sending authentication request with client credentials to  https://api.refinitiv.com/auth/oauth2/v2/token ...

    Refinitiv Data Platform authentication HTTP code: 401 Unauthorized

    Unrecoverable error: stopped retrying request

    Failed initial authentication with Refinitiv Data Platform. Exiting...

  • Hello @kyle

    The examples on Refinitiv/websocket-api Github repository are for the core https://developers.lseg.com/en/api-catalog/real-time-opnsrc/websocket-api . An application needs to handle everything (connection management, ping-pong message, subscription management, etc.) by itself.

    On the other hand, the https://developers.lseg.com/en/api-catalog/lseg-data-platform/lseg-data-library-for-python is the ease-of-use library that build on top of the WebSocket API. It can be used with any types of applications such as console application, Jupyter Notebook, back-end service, etc. We just provide examples as the Jupyter Notebook for developers on the https://github.com/LSEG-API-Samples/Example.DataLibrary.Python GitHub, but you can use it with a console application inside Docker.

    About your "I assume the <clientId> mentioned in the docs is actually the service id from the "LSEG Platform Administration page" (https://platformadmin.refinitiv.com/Apps/platform-administration/)" message, it is correct. The service id is the client-id.

    Back to the issue, the following message indicates that your credential does not have a permission to the authorize with the RDP Login service which is required by the RTO.

    2024-11-29 16:42:02.219747 Sending authentication request with client credentials to  https://api.refinitiv.com/auth/oauth2/v2/token ...

    Refinitiv Data Platform authentication HTTP code: 401 Unauthorized

    You can verify your RTO credential with the following cURL command:

    curl  -X POST \
    'https://api.refinitiv.com:443/auth/oauth2/v2/token' \
    --header 'Accept: */*' \
    --header 'Authorization: Bearer ' \
    --header 'Content-Type: application/x-www-form-urlencoded' \
    --data-urlencode 'client_secret={client secret}' \
    --data-urlencode 'client_id={client id}' \
    --data-urlencode 'grant_type=client_credentials' \
    --data-urlencode 'scope=trapi'

    I strongly suggest you contact your LSEG representative or Account manager to help you with this permission issue. It cannot be fixed programmatically.

  • kyle
    kyle Newcomer

    Thank you very much for he curl command. I am able to get an access_token.

    { "expires_in":7199, "token_type":"Bearer", "access_token":"deleted"}

    I have contacted my Account manager to continue this conversion. My next step is to step through your client library with the debugger to figure out why market_price_rdpgw_client_cred_auth.py does not work.