Python
Verify Syncanix agent intents in Python — Django, Flask, and FastAPI — with a local HMAC check on every tool call.
The Python SDK verifies the signed intent header for Django, Flask, and FastAPI. Apply the framework decorator or dependency on any route that exposes an agent action, and the verified payload is handed to your view.
Install
Add the package to your project with your language's package manager.
pip install syncanix-sdk[flask] # or [django], [fastapi]Configure the secret
The SDK verifies intents with your tenant's intent-signing secret. Store it as an environment variable — never commit it to source control — and load it where you register the SDK.
export SYNCANIX_INTENT_SECRET="your-intent-signing-secret"Verify intents
Register the SDK on the routes that expose agent actions. It verifies the X-Syncanix-Intent header before your handler runs, rejects any invalid or replayed call with a 403, and hands your handler the verified payload — including the acting tenant and user.
import os
from flask import Flask, g
from syncanix_sdk.flask_middleware import syncanix_verify_intent
app = Flask(__name__)
@app.route('/tools/refund', methods=['POST'])
@syncanix_verify_intent(secret=os.environ['SYNCANIX_INTENT_SECRET'])
def refund():
intent = g.syncanix_intent # verified IntentPayload
return {'tenantId': intent.tenantId}