Python SDK

A full reference of our Python SDK.

You can use our Python SDK to:

  1. Encrypt data at your server
  2. Run your Cages

You can use our Python SDK to encrypt data — rather than with Relay — and still send it to a third-party via Relay. Encrypting with our backend SDKs is best for developers who want to avoid the network latency of Relay and/or want to avoid sending plaintext data to Relay to be encrypted.

Encrypting data with our backend SDKs instead of Relay may expose you to greater compliance burden because plaintext data touches your server before it is encrypted. If you want to avoid sending plaintext data to Relay and want to reduce your compliance burden — by never having plaintext data touch your infrastructure — using our frontend SDKs to encrypt in the browser or on the client is best.

You don’t need to change your database configuration. You can store Evervault-encrypted data in your database as you would the plaintext version.


Our Python SDK is distributed via pypi, and can be installed using pip.

pip install evervault


import evervault
# Initialize the client with your team’s API key
evervault.api_key = '<YOUR_API_KEY>'
# Encrypt your data
encrypted = evervault.encrypt({ 'name': 'Alice' })
# Process the encrypted data in a Cage
result ='demo-cage', encrypted)


The Evervault Python SDK exposes two functions:

  • evervault.encrypt()


evervault.encrypt() encrypts data for use in your Cages. To encrypt data at the server, simply pass a dict or string into the evervault.encrypt() function. Store the encrypted data in your database as normal.

evervault.encrypt(data = dict | string)
datadict or stringData to be encrypted. lets you invoke a Cage with a given payload.

python = str, data = dict[, options = dict])
cageNamestringName of the Cage to be run.
datadictPayload for the Cage.
optionsdictOptions for the cage run.
asyncBooleanFalseRun your Cage in async mode. Async Cage runs will be queued for processing.
versionIntegerNoneSpecify the version of your Cage to run. By default, the latest version will be run.


You may configure the SDK to automatically route all outbound HTTPS requests through Relay by calling the relay() function. This currently supports requests made using the popular requests package.

# all further HTTPS requests made in your program will be routed through Relay

You may also optionally pass in a list of domains which you don't want to go through Relay, i.e. requests sent to these domains will not be decrypted.

evervault.relay(['', ''])
# requests sent to urls such as or
# will not be sent through Relay
ignore_domains (optional)list of stringsRequests sent to any of the domains in this list will not be sent through Relay