Passwork Python connector 0.2.0

The new release brings independent token lifecycle management, flexible SSL certificate verification, and multi-URL support for password items.

Token lifecycle management

Previously, the only way to extend an active session was to call the full token refresh — which replaced both the access token and the refresh token at once. Version 0.2.0 introduces two new methods for independent, fine-grained control over session lifetime.

update_access_token()

Extends the access token using the current access token, without touching the refresh token. Useful when you want to keep a long-lived session alive in a background service without cycling the refresh token.

result = client.update_access_token()
# result contains: accessToken, accessTokenExpiredAt

update_refresh_token()

Extends the refresh token using the current refresh token, without affecting the access token. Useful in scripts that run infrequently and need to maintain a valid refresh token between runs.

result = client.update_refresh_token()
# result contains: refreshToken, refreshTokenExpiredAt

Both methods automatically update the internal client state and re-save the session file if one is configured.

SSL certificate verification

The PassworkClient now accepts a string path as the verify_ssl parameter in addition to True and False. This allows you to specify a custom CA certificate bundle — useful in corporate environments with internal PKI or self-signed certificates.

# Use system default CA bundle (default behavior)
client = PassworkClient("https://passwork.example.com", verify_ssl=True)

# Use a custom CA bundle
client = PassworkClient("https://passwork.example.com", verify_ssl="/etc/ssl/certs/ca-bundle.crt")

# Disable verification (not recommended for production)
client = PassworkClient("https://passwork.example.com", verify_ssl=False)

Multiple URLs per item

Password items now expose a urls field — a list of all URLs associated with the item. The existing url field (primary URL) remains unchanged for backward compatibility.

item = client.get_item(item_id)

print(item["url"])   # https://example.com  (primary)
print(item["urls"])  # ["https://example.com", "https://staging.example.com"]

Requirements

  • Python ≥ 3.10
  • Passwork 7 server
You can find all information about Passwork updates in our release notes
Spring 2026 EU cybersecurity update: What changed
Spring 2026 brought the EU’s most significant institutional breach, its first cyber sanctions of the year, and four major cybersecurity regulations enforcing simultaneously. NIS2, DORA, CRA, and CSA2 now set hard deadlines — and real penalties. Here’s what changed, who’s affected, and what to do.
Passwork BlogAlex Muntyan
Brute force attacks in 2026: Types, examples & how to prevent them
GPU clusters, AI-assisted wordlists, botnets of 2.8M devices. Brute force has scaled. This guide covers six attack variants, real-world cases from 2025, and a layered defense strategy your team can implement today.
Passwork BlogAlex Muntyan
NIS2 latest news: What changed and what it means for EU businesses
84% of in-scope organizations admit they’re not ready. Belgium set the first conformity assessment deadline on April 18, 2026. The Netherlands is days away from enforcement. Here’s where the regulatory wave stands and what IT leaders need to act on now.
Passwork BlogAlex Muntyan