Authentication
Pydeck-carto supports two types of authentication using the carto-auth package:
Authentication using OAuth
Authentication using M2M file
OAuth
Use your CARTO account to authenticate with Python from a notebook (in local or remote), or from a Python script. This is available for any CARTO user.
from carto_auth import CartoAuth
carto_auth = CartoAuth.from_oauth()
The carto_auth object will be used to obtain the CartoLayer credentials.
This method supports the following parameters:
cache_filepath (str, optional): File path where the token is stored. Default “home()/.carto-auth/token_oauth.json”.
use_cache (bool, optional): Whether the stored cached token should be used. Default True.
open_browser (bool, optional): Whether the web browser should be opened to authorize a user. Default True.
M2M (advanced)
Use a file with M2M credentials to automatically login into a CARTO account. It can be uses for ETL processes .This is available for Enterprise CARTO users.
from carto_auth import CartoAuth
carto_auth = CartoAuth.from_m2m("./carto-credentials.json")
This method supports the following parameters:
filepath (str): File path of the CARTO credentials file.
cache_filepath (str, optional): File path where the token is stored. Default “home()/.carto-auth/token_m2m.json”.
use_cache (bool, optional): Whether the stored cached token should be used. Default True.
CARTO credentials file
To generate CARTO Auth tokens in carto-auth you need to create a carto_credentials.json file with the following content:
{
"api_base_url": "https://gcp-us-east1.api.carto.com",
"client_id": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"client_secret": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}
To obtain the file’s content, go to the Developers section in the CARTO Dashboard. More information in https://docs.carto.com/carto-user-manual/developers/carto-for-developers/#carto-for-developers.
API Base URL
You can directly copy the API Base URL. It will be different depending on the region where your account is located.
Built applications
Create a new “Machine to Machine” application to generate the Client ID and Client Secret.
Click on “+ Create new”.
Fill in the name and description. The URL is irrelevant in this case, so feel free to use something like https://example.domain.com.
Open the “Advanced Settings” menu.
In “Application Type” select “Machine to Machine”.
Click “Save” and check that your application is listed.
From the list, copy the new Client ID and Client Secret and add them into your credentials file.