API Documentation

class yubico_client.Yubico(client_id, key=None, verify_cert=True, translate_otp=True, api_urls=('https://api.yubico.com/wsapi/2.0/verify', 'https://api2.yubico.com/wsapi/2.0/verify', 'https://api3.yubico.com/wsapi/2.0/verify', 'https://api4.yubico.com/wsapi/2.0/verify', 'https://api5.yubico.com/wsapi/2.0/verify'), ca_certs_bundle_path=None)[source]

Returns a HMAC-SHA-1 signature for the given query string. http://goo.gl/R4O0E

generate_query_string(otp, nonce, timestamp=False, sl=None, timeout=None)[source]

Returns a query string which is sent to the validation servers.


Returns query string parameters as a dictionary.


Returns a response signature and query string generated from the server response. ‘h’ aka signature argument is stripped from the returned query string.

verify(otp, timestamp=False, sl=None, timeout=None, return_response=False)[source]

Verify a provided OTP.

  • otp (str) – OTP to verify.
  • timestamp (bool) – True to include request timestamp and session counter in the response. Defaults to False.
  • sl (int or str) – A value indicating percentage of syncing required by client.
  • timeout (int) – Number of seconds to wait for sync responses.
  • return_response (bool) – True to return a response object instead of the status code. Defaults to False.

True is the provided OTP is valid, False if the

REPLAYED_OTP status value is returned or the response message signature verification failed and None for the rest of the status values.

verify_multi(otp_list, max_time_window=5, sl=None, timeout=None)[source]

Verify a provided list of OTPs.

Parameters:max_time_window (int) – Maximum number of seconds which can pass between the first and last OTP generation for the OTP to still be considered valid.
verify_response(response, otp, nonce, return_response=False)[source]

Returns True if the OTP is valid (status=OK) and return_response=False, otherwise (return_response = True) it returns the server response as a dictionary.

Throws an exception if the OTP is replayed, the server response message verification failed or the client id is invalid, returns False otherwise.

class yubico_client.otp.OTP(otp, translate_otp=True)[source]

Class which holds data about an OTP.


Return modhex interpretation of the provided OTP.

If there are multiple interpretations available, first one is used, because if the OTP uses all 16 characters in its alphabet there is only one possible interpretation of that OTP.

Returns:Modhex interpretation of the OTP.
Return type:str