Python Compatibility Requirements
This product is not supported for your selected
Datadog site. (
).
App and API Protection capabilities
The following App and API Protection capabilities are supported in the Python library, for the specified tracer version:
| App and API Protection capability | Minimum Python tracer version |
|---|
| HTTP Monitoring | 1.16.0 |
| gRPC Monitoring | not supported |
| GraphQL Monitoring | not supported |
| Exploit Prevention | 2.20.0 |
| API Security | 4.6.0 |
| Account Takeover Protection | 2.11.0 |
| Runtime Activation | 1.6.0 |
| Runtime Software Composition Analysis (SCA) | 1.5.0 |
| Runtime Code Analysis (IAST) | 3.15.0 |
The minimum tracer version to get all supported App and API Protection capabilities for Python is 4.6.0.
The following capabilities are not yet supported: gRPC Monitoring, GraphQL Monitoring.
Note: AAP requires enabling Remote Configuration, which is included in the listed minimum tracer version.
Supported deployment types
| Deployment type | Support |
|---|
| Docker | |
| Kubernetes | |
| Amazon ECS | |
| AWS Fargate | |
| AWS Lambda | |
Language and framework compatibility
Supported Python versions
The Python App and API Protection Client library follows a versioning policy that specifies the support level for the different versions of the library and Python runtime.
Two release branches are supported:
| Release | Support level | Minimum Datadog Agent |
|---|
>=4.0,<5 | General Availability | 7.28 |
>=3.0,<4 | Maintenence (until May 31, 2026) | 7.28 |
>=2.0,<3 | End of Life | 7.28 |
<2 | End of Life | |
And the library supports the following runtimes:
| OS | CPU | Runtime | Runtime version | Supported ddtrace versions |
|---|
| Linux | x86-64, AArch64 | CPython | 3.9+ | >=4, <5 |
| MacOS | Intel, Apple Silicon | CPython | 3.9+ | >=4, <5 |
| Windows | 64bit, 32bit | CPython | 3.9+ | >=4, <5 |
| Linux | x86-64, i686, AArch64 | CPython | 3.8+ | >=3, <4 |
| MacOS | Intel, Apple Silicon | CPython | 3.8+ | >=3, <4 |
| Windows | 64bit, 32bit | CPython | 3.8+ | >=3, <4 |
| Linux | x86-64, i686, AArch64 | CPython | 3.7-3.13 | >=2,<3 |
| MacOS | Intel, Apple Silicon | CPython | 3.7-3.13 | >=2,<3 |
| Windows | 64bit, 32bit | CPython | 3.7-3.13 | >=2,<3 |
| Linux | x86-64, i686, AArch64 | CPython | 2.7, 3.5-3.11 | <2 |
| MacOS | Intel, Apple Silicon | CPython | 2.7, 3.5-3.11 | <2 |
| Windows | 64bit, 32bit | CPython | 2.7, 3.5-3.11 | <2 |
Integrations
The Python tracer includes support for the following frameworks, data stores and libraries.
Web framework compatibility
- Attacker source HTTP request details
- Tags for the HTTP request (status code, method, etc)
- Distributed Tracing to see attack flows through your applications
Tornado integration requires setting the DD_TRACE_TORNADO_ENABLED environment variable to true.
User Authentication Frameworks compatibility
Integrations to User Authentication Frameworks provide:
- User login events, including the user IDs
- Account Takeover detection monitoring for user login events
| Framework | Automatic User Event Tracking |
|---|
| Django | |
Networking framework compatibility
Data store compatibility
Datastore tracing provides:
- SQL attack detection
- Query info (for example, a sanitized query string)
- Error and stacktrace capturing
Note: App and API Protection also analyzes untrusted HTTP request input, so some protections can still apply even when a database integration is not listed here.
Filesystem compatibility
| Framework | Local File Inclusion (LFI) |
|---|
| pathlib | |
| builtins | |
Subprocess compatibility
| Framework | Command Injection | Shell Injection |
|---|
| subprocess | | |
| os | | |
