I’m currently developing a standalone application using PySide, which is integrated with FPTR. At the moment, the app uses script-based authentication with a script key to log in. However, due to security concerns, I am looking to transition to a more secure user-based authentication method.
I understand that implementing SSO with web browser authentication can be quite complex and may require additional setup. Has anyone here made a similar transition? If so, could you point me towards any relevant resources, tutorials, or provide some guidance on how to get started?
That is on my to-do list for a couple of tools as well and I think the easiest way is to piggy back the authentication of SGTK . It should boil down to:
from tank.authentication import ShotgunAuthenticator
# create an authenticator
sa = ShotgunAuthenticator()
# Get a user object. If the authenticator system has already
# stored a default user belonging to a default shotgun site,
# it will simply return this. Otherwise, it will pop up a UI
# asking the user to log in.
user = sa.get_user()
# now the user object can be used to generate an authenticated
# Shotgun connection.
sg = user.create_sg_connection()
The advantage of this is that you use the same credentials as SG Desktop or SG Create. So if those are running in the back your tool does not need to ask for an extra set of credentials.
Unfortunately I have not tested this extensively in production yet, so I suspect there might be some hidden issues with this approach (I would highly appreciate if you post them here if you find any!) . Hope that helps!
need to verify myself at some point.