Skip to content

Auth

The auth surface exposes session-time identity operations: who am I, what can I do, and how to change my password. The actual login is lazy and invisible — calling client.tags.list() (or any method) fires the first POST to /auth/log_in.json automatically.

Operations

Method What it does
client.auth.whoami() Return the currently authenticated User.
client.auth.capabilities() The server's capability list for the session — feature toggles.
client.auth.change_password(old_password, new_password) Change current user's password; invalidates token and re-logs in on next call.
me = client.auth.whoami()
caps = client.auth.capabilities()
client.auth.change_password(old_password="hunter2", new_password="newpass!")

change_password updates the SDK's in-memory password store too — so the subsequent lazy re-login uses the new credentials transparently.

See also