***

title: flask_decorator
slug: /reference/python/agents/configuration/auth-handler/flask-decorator
description: Flask decorator for protecting routes with authentication.
max-toc-depth: 3
---------------------

For a complete index of all SignalWire documentation pages, fetch https://signalwire.com/docs/llms.txt

[mcp-gateway]: /docs/server-sdks/reference/python/agents/cli/mcp-gateway

Flask decorator for protecting routes. Tries Bearer token, API key, and Basic Auth
in order. Returns a `401` response if all methods fail.

## **Parameters**

<ParamField path="f" type="Callable" required={true} toc={true}>
  The Flask view function to protect.
</ParamField>

## **Returns**

`Callable` -- The wrapped function that checks authentication before calling the
original view.

## **Example**

```python {11}
from flask import Flask
from signalwire.core.security_config import SecurityConfig
from signalwire.core.auth_handler import AuthHandler

security = SecurityConfig()
auth = AuthHandler(security)

app = Flask(__name__)

@app.route("/protected")
@auth.flask_decorator
def protected_route():
    return {"status": "authenticated"}
```

<Note>
  The Flask decorator is used by the
  [`mcp-gateway`][mcp-gateway] service.
  For agent-based applications, use the FastAPI dependency instead.
</Note>