Modern Python SDK groundwork for TeamPasswordManager with safer API boundaries and maintainable packaging.

A Python Module for the TeamPasswordManager API

Requires: requests

You can install the tpm module via pip

pip install tpm

This is an example how you can use it in a python script

#! /usr/bin/env python
import tpm
# create a object for the connection settings
URL = "https://mypasswordmanager.example.com"
USER = 'example-user'
PASS = 'EXAMPLE_PASSWORD'
tpmconn = tpm.TpmApiv5(URL, username=USER, password=PASS)

# get a dictionary for all password entries
data = tpmconn.list_passwords()
# show all names from the password entries
for item in data:
    print (item.get('name'))

You can also use Private/Public Key authentication

#! /usr/bin/env python
import tpm
# create a object for the connection settings
URL = "https://mypasswordmanager.example.com"
pubkey = 'EXAMPLE_PUBLIC_KEY'
privkey = 'EXAMPLE_PRIVATE_KEY'
tpmconn = tpm.TpmApiv5(URL, private_key=privkey, public_key=pubkey)

# get a dictionary for all password entries
data = tpmconn.list_passwords()
# show all names from the password entries
for item in data:
    print (item.get('name'))

If you always want to unlock entries that are locked, you can specify an unlock reason

tpmconn = tpm.TpmApiv5(URL, username=USER, password=PASS, unlock_reason="Because I can!")

TLS certificates are verified by default (verify=True). To connect to a server with a self-signed certificate you can disable verification or point to a custom CA bundle:

# disable verification (not recommended)
tpmconn = tpm.TpmApiv5(URL, username=USER, password=PASS, verify=False)

# or verify against a custom CA bundle
tpmconn = tpm.TpmApiv5(URL, username=USER, password=PASS, verify="/path/to/ca-bundle.pem")

Use tpm.TpmApiv6 to talk to the v6 API. It inherits every function from the previous versions and adds the endpoints introduced in v6 (see the Functions explained section, marked (since v6)):

tpmconn = tpm.TpmApiv6(URL, username=USER, password=PASS)

Since v6 you can set the page size for paginated requests via the X-Page-Size header. Pass page_size (an integer between 5 and 1000) when creating the client:

tpmconn = tpm.TpmApiv6(URL, username=USER, password=PASS, page_size=100)

This repository uses pre-commit to keep public artifacts safe to publish. Install the hook once after cloning:

python3 -m pip install pre-commit
pre-commit install --install-hooks

Before opening a PR, run:

pre-commit run --all-files

The guard blocks accidental literal backslash-n text where real line breaks belong, local machine paths, internal workflow details, and obvious secret or auth-token values. Replace real values with placeholders or environment-variable references before publishing.

Every function call leads to a at least a logging message. If you want to log all your script does, you can do it like this:

import logging

# set log file and log level
logfile = 'MyLogFile.log'
loglevel = logging.INFO
logformat = '%(asctime)s - %(levelname)s - %(message)s'

logging.basicConfig(filename=logfile, level=loglevel, format=logformat)
# If you don't want the requests and urllib3 module to log too much
logging.getLogger("requests").setLevel(logging.WARNING)
logging.getLogger("urllib3").setLevel(logging.WARNING)

list_projects()

list_projects_archived()

list_projects_favorite()

list_projects_search(searchstring)

list_subprojects(ID)

list_subprojects_action(ID, action)

show_project(ID)

list_passwords_of_project(ID)

list_user_access_on_project(ID)

create_project(data)

update_project(ID, data)

change_parent_of_project(ID, NewParentID)

update_security_of_project(ID, data)

archive_project(ID)

unarchive_project(ID)

delete_project(ID)

list_passwords()

list_passwords_archived()

list_passwords_favorite()

list_passwords_search(searchstring)

show_password(ID)

list_user_access_on_password(ID)

create_password(data)

update_password(ID, data)

update_security_of_password(ID, data)

update_custom_fields_of_password(ID, data)

delete_password(ID)

lock_password(ID)

unlock_password(ID)

archive_password(ID)

unarchive_password(ID)

move_password(ID, PROJECT_ID)

list_mypasswords_archived()

list_mypasswords_favorite()

list_mypasswords()

list_mypasswords_search(searchstring)

show_mypassword(ID)

create_mypassword(data)

update_mypassword(ID, data)

delete_mypassword(ID)

set_favorite_password(ID)

unset_favorite_password(ID)

set_favorite_project(ID)

unset_favorite_project(ID)

Note: TpmApiv6 overrides these two to use the v6 endpoint favorite_projects/{ID}.json (plural); earlier versions use favorite_project/{ID}.json.

set_favorite_mypassword(ID)

unset_favorite_mypassword(ID)

move_mypassword(ID, PROJECT_ID)

list_users()

show_user(ID)

list_user_passwords(ID)

list_user_projects(ID)

show_me() who_am_i()

create_user(data)

create_user_ldap(data)

create_user_saml(data)

update_user(ID, data)

change_user_password(ID, data)

activate_user(ID)

deactivate_user(ID)

convert_user_to_ldap(ID, DN) convert_ldap_user_to_normal(ID)

convert_user_to_ldap(ID, DN, SERVER_ID)

convert_user_to_saml(ID)

delete_user(ID)

list_groups()

show_group(ID)

create_group(data)

update_group(ID, data):

add_user_to_group(GroupID, UserID)

delete_user_from_group(GroupID, UserID)

delete_group(ID)

list_project_files(ID)

list_password_files(ID)

upload_project_file(ID, file, notes="optional notes")

upload_password_file(ID, file, notes="optional notes")

show_file_info(ID)

update_file_notes(ID, NOTES)

max_upload_file_size()

download_file(ID)

delete_file(ID)

generate_password()

get_version() get_latest_version() up_to_date()

list_log()

list_log_search(searchstring)

• Contribution guide: CONTRIBUTING.md
• Security policy: SECURITY.md
• AI-agent guide: AGENTS.md
• License: LICENSE

If this Python SDK is useful to you, you can support its ongoing maintenance via bunq. Support is voluntary and appreciated, but does not create any entitlement to support, features, consulting, an SLA, or invoice-based work.