Python SDK Guide
Python SDK for Beltic credential validation, signing, and verification with full feature parity to the TypeScript SDK.
The Python SDK provides the same capabilities as the TypeScript SDK for validating, signing, and verifying FACT credentials. It includes full support for HTTP Message Signatures (Web Bot Auth), trust chain verification, and advanced features like selective disclosure (SD-JWT).
Coming Soon: The Python SDK (beltic-sdk) is currently in development. The package name and API may change before release. For now, use the CLI or TypeScript SDK for production workflows.
Features
- Validate DeveloperCredential and AgentCredential against v1 schemas
- Sign credentials as JWS/JWT with ES256 or EdDSA
- Verify signed credentials with the 7-step verification process
- Trust Chain verification with policy enforcement
- Status List 2021 revocation checking
- HTTP Message Signatures (RFC 9421) for Web Bot Auth
- Selective Disclosure (SD-JWT) for privacy-preserving credentials
- Multi-Signature support for credentials requiring multiple signers
- Audit Logging with pluggable handlers
- Rich errors with paths, rule IDs, and suggestions
Installation
pip install beltic-sdkRequirements
- Python >= 3.10
- cryptography >= 41.0
- pyjwt[crypto] >= 2.8
- jsonschema >= 4.20
- pydantic >= 2.5
- httpx >= 0.25
Quick Start
from beltic import (
validate_developer_credential,
sign_credential,
verify_credential,
generate_key_pair,
ValidationError,
SignOptions,
VerifyOptions,
)
# Generate keys
private_key, public_key = generate_key_pair("EdDSA")
# Validate a credential
result = validate_developer_credential(credential_data)
if not result.ok:
raise ValidationError(result.errors)
# Sign a credential
token = sign_credential(
result.value,
private_key,
SignOptions(
alg="EdDSA",
issuer_did="did:web:beltic.com",
subject_did="did:web:developer.example.com",
key_id="did:web:beltic.com#key-1",
),
)
# Verify a credential
async def key_resolver(input):
return public_key
verified = await verify_credential(
token,
VerifyOptions(key_resolver=key_resolver),
)
print("Verified:", verified.credential["legalName"])Guides
Installation
Install and configure the Python SDK
Validation
Validate credentials against JSON schemas
Signing & Verification
Sign and verify credentials with JWS
Trust Chains
Verify agent-developer trust chains with policies
API Reference
Complete Python API documentation
Comparison with TypeScript SDK
The Python SDK maintains feature parity with the TypeScript SDK:
| Feature | TypeScript | Python |
|---|---|---|
| Validation | validateDeveloperCredential | validate_developer_credential |
| Signing | signCredential | sign_credential |
| Verification | verifyCredential | verify_credential |
| Trust Chain | verifyAgentTrustChain | verify_agent_trust_chain |
| HTTP Signing | signHttpRequest | sign_http_request |
| Key Directory | generateKeyDirectory | generate_key_directory |
| Status List | decodeStatusList | decode_status_list |
| SD-JWT | createSdJwt | create_sd_jwt |
| Multi-Sig | MultiSigCredential | MultiSigCredential |
| Audit | AuditLogger | AuditLogger |
Both SDKs use the same JSON schemas and produce interoperable JWS tokens. A credential signed with the Python SDK can be verified with the TypeScript SDK and vice versa.