Getting Authorization to Access Stride API Through a Python Script



I am trying to use a Python script to interact with the Stride API, but I keep getting a 401 error. HTTPBasicAuth is not working for me. I put in my username as my email and my pass as my API token. I also tried putting my pass as my normal password to login. Could someone explain to me how I can use my Python script to interact with the API?

I am trying to interact across multiple rooms with my script.

If it helps, I am using the “requests” Python library to simplify things.

Thank you

EDIT: By “interact across multiple rooms” I just mean that I am going to be iterating through a lot of rooms and getting the room members so I can then DM them. The only global operation would be a “getConversationList” call so that I can get all the conversations and iterate through them.



We only support OAuth2 2LO for the stride API.


If you use the requests_oauthlib library there are some good examples.

  1. Install the package
    pip install requests_oauthlib
  2. Follow along with the examples in their docs.

Our tokens expire after an hour, so you’ll need to implement the refresh logic also.

Pystride example

pystride is a Stride client implementation in Python that has an implementation of OAuth2 2LO that you can look at on lines 21-47.

2LO vs 3LO Authentication

Also, so you are aware, you will only be able to see the conversations your application is installed in until we have 3-legged OAuth (3LO) completed. A good article that explains the difference between 2LO and 3LO is “2-legged vs. 3-legged OAuth”.

Let me know if you have any further questions.

Jon Ross


What do you mean that I will only be able to see the conversations that my application is installed in? I don’t mean that I am making a plug in; I am making a script that (could for instance) be run from my desktop. Do you mean that I have to use one of the “plug-in” apps for Stride that you can attach to each room that you create?



there are 2 options to authenticate with the Stride API. They’re described here:

You can generate an API access token for a room
This token will give you access to this room (and this room only)

We do not have site-wide tokens (tokens that would let you call the API for all conversations in a site).

You can build an app
This gives you an OAuth client ID and secret that you can use to generate API access tokens. The app can be added by users in rooms, which gives your app access to these rooms. That’s what Jon called “2LO” above.