GSA Entity API Python API Docs | dltHub
Build a GSA Entity API-to-database pipeline in Python using dlt with AI Workbench support for Claude Code, Cursor, and Codex.
Last updated:
The GSA SAM.gov Entity Management API is a REST API that provides access to entity registration and exclusion data (public, FOUO/CUI, and sensitive) from SAM.gov. The REST API base URL is Production endpoints: https://api.sam.gov/entity-information/v4/entities, https://api.sam.gov/entity-information/v3/entities, https://api.sam.gov/entity-information/v2/entities, https://api.sam.gov/entity-information/v1/entities, and for the Extracts API: https://api.sam.gov/data-services/v1/extracts and API Key required; System Accounts for higher-sensitivity data and some endpoints require HTTP Basic auth plus API Key..
dlt is an open-source Python library that handles authentication, pagination, and schema evolution automatically. dlthub provides AI context files that enable code assistants to generate production-ready pipelines. Install with uv pip install "dlt[workspace]" and start loading GSA Entity API data in under 10 minutes.
What data can I load from GSA Entity API?
Here are some of the endpoints you can load from GSA Entity API:
| Resource | Endpoint | Method | Data selector | Description |
|---|---|---|---|---|
| entity_search | entity-information/v4/entities | GET | results | Search entities (synchronous, paginated; v4 returns 'results' array) |
| entity_search_v3 | entity-information/v3/entities | GET | results | v3 search endpoint (returns 'results' array) |
| entity_search_v2 | entity-information/v2/entities | GET | results | v2 search endpoint (returns 'results' array) |
| entity_search_v1 | entity-information/v1/entities | GET | results | v1 search endpoint (returns 'results' array) |
| extracts | data-services/v1/extracts | GET | results | Request/download entity/exclusions extract metadata and file URLs (returns results array) |
| extracts_download | data-services/v1/extracts?fileName=...&api_key=... | GET | (response varies; JSON with download link) | Retrieve extract file status and download URL (token in URL requires api_key replacement) |
| entity_detail | entity-information/v4/entities/{uei} (or via query param) | GET | (top-level object) | Get single entity details (response is object with fields like coreData, entityRegistration) |
| file_status | data-services/v1/extracts/status | GET | results | Check status of asynchronous extract generation (returns results list) |
| reps_and_certs_pdf | entity-information/v?/entities?fileType=pdf | GET | (file stream or link) | Request PDF Reps & Certs for an entity |
| health | api.sam.gov/.../health or root | GET | (varies) | API health/info |
How do I authenticate with the GSA Entity API API?
Requests must include a valid API Key. Personal API keys are obtained from a user's SAM.gov profile (Public API Key). System Accounts require Basic Authentication (username/password) and an associated API Key for system-level access and IP whitelisting. Some extract downloads require replacing the REPLACE_WITH_API_KEY token in returned file URLs.
1. Get your credentials
- Register or sign in at https://sam.gov. 2) For Personal API Key: go to Profile -> Details -> Public API Key -> click eye icon, enter OTP emailed to you to reveal key. 3) For System Account: request a System Account via Workspace -> System Accounts widget; create and get approval, set password, then retrieve System Account API Key by entering the system password. 4) Ensure System Account has required permissions (read public, read fouo, read sensitive) and list allowed IP addresses.
2. Add them to .dlt/secrets.toml
[sources.gsa_entity_api_source] api_key = "your_sam_api_key_here" system_username = "your_system_account_id" system_password = "your_system_account_password"
dlt reads this automatically at runtime — never hardcode tokens in your pipeline script. For production environments, see setting up credentials with dlt for environment variable and vault-based options.
How do I set up and run the pipeline?
Set up a virtual environment and install dlt:
uv venv && source .venv/bin/activate uv pip install "dlt[workspace]"
1. Install the dlt AI Workbench:
dlt ai init --agent <your-agent> # <agent>: claude | cursor | codex
This installs project rules, a secrets management skill, appropriate ignore files, and configures the dlt MCP server for your agent. Learn more →
2. Install the rest-api-pipeline toolkit:
dlt ai toolkit rest-api-pipeline install
This loads the skills and context about dlt the agent uses to build the pipeline iteratively, efficiently, and safely. The agent uses MCP tools to inspect credentials — it never needs to read your secrets.toml directly. Learn more →
3. Start LLM-assisted coding:
Use /find-source to load data from the GSA Entity API API into DuckDB.
The rest-api-pipeline toolkit takes over from here — it reads relevant API documentation, presents you with options for which endpoints to load, and follows a structured workflow to scaffold, debug, and validate the pipeline step by step.
4. Run the pipeline:
python gsa_entity_api_pipeline.py
If everything is configured correctly, you'll see output like this:
Pipeline gsa_entity_api_pipeline load step completed in 0.26 seconds 1 load package(s) were loaded to destination duckdb and into dataset gsa_entity_api_data The duckdb destination used duckdb:/gsa_entity_api.duckdb location to store data Load package 1749667187.541553 is LOADED and contains no failed jobs
Inspect your pipeline and data:
dlt pipeline gsa_entity_api_pipeline show
This opens the Pipeline Dashboard where you can verify pipeline state, load metrics, schema (tables, columns, types), and query the loaded data directly.
Python pipeline example
This example loads entity_search and extracts from the GSA Entity API API into DuckDB. It mirrors the endpoint and data selector configuration from the table above:
import dlt from dlt.sources.rest_api import RESTAPIConfig, rest_api_resources @dlt.source def gsa_entity_api_source(api_key=dlt.secrets.value): config: RESTAPIConfig = { "client": { "base_url": "Production endpoints: https://api.sam.gov/entity-information/v4/entities, https://api.sam.gov/entity-information/v3/entities, https://api.sam.gov/entity-information/v2/entities, https://api.sam.gov/entity-information/v1/entities, and for the Extracts API: https://api.sam.gov/data-services/v1/extracts", "auth": { "type": "api_key (and http_basic for System Account username/password when required)", "api_key": api_key, }, }, "resources": [ {"name": "entity_search", "endpoint": {"path": "entity-information/v4/entities", "data_selector": "results"}}, {"name": "extracts", "endpoint": {"path": "data-services/v1/extracts", "data_selector": "results"}} ], } yield from rest_api_resources(config) def get_data() -> None: pipeline = dlt.pipeline( pipeline_name="gsa_entity_api_pipeline", destination="duckdb", dataset_name="gsa_entity_api_data", ) load_info = pipeline.run(gsa_entity_api_source()) print(load_info)
To add more endpoints, append entries from the resource table to the "resources" list using the same name, path, and data_selector pattern.
How do I query the loaded data?
Once the pipeline runs, dlt creates one table per resource. You can query with Python or SQL.
Python (pandas DataFrame):
import dlt data = dlt.pipeline("gsa_entity_api_pipeline").dataset() sessions_df = data.entity_search.df() print(sessions_df.head())
SQL (DuckDB example):
SELECT * FROM gsa_entity_api_data.entity_search LIMIT 10;
In a marimo or Jupyter notebook:
import dlt data = dlt.pipeline("gsa_entity_api_pipeline").dataset() data.entity_search.df().head()
See how to explore your data in marimo Notebooks and how to query your data in Python with dataset.
What destinations can I load GSA Entity API data to?
dlt supports loading into any of these destinations — only the destination parameter changes:
| Destination | Example value |
|---|---|
| DuckDB (local, default) | "duckdb" |
| PostgreSQL | "postgres" |
| BigQuery | "bigquery" |
| Snowflake | "snowflake" |
| Redshift | "redshift" |
| Databricks | "databricks" |
| Filesystem (S3, GCS, Azure) | "filesystem" |
Change the destination in dlt.pipeline(destination="snowflake") and add credentials in .dlt/secrets.toml. See the full destinations list.
Troubleshooting
Authentication failures
If your API Key is missing or invalid you'll receive 403 responses: messages indicate "No api_key was supplied" or "An invalid API key was supplied." For System Account endpoints, missing/invalid Basic Auth returns 401 Unauthorized.
Rate limits and quotas
Daily rate limits vary by account type: Personal keys default to 10 or 1,000 requests/day depending on role; System accounts can have up to 10,000/day for federal system users. Exceeding rate limits will cause request failures.
Pagination and size limits
The entity search endpoints return 10 records per page by default; size cannot exceed 10. Requests where page*size exceed 10,000 will return "Results Too Large" errors. JSON/CSV extract generation has a 1,000,000 record limit.
Extract file generation and token errors
Asynchronous extract requests return a file URL containing a token placeholder that must be replaced with a valid API Key. If the file is still processing, API returns messages like "File Processing in Progress". Tokens can expire — "Requested File is Expired and cannot be downloaded" errors indicate expired tokens.
Headers and content types
Missing or invalid Accept or Content-Type headers lead to 406 or 415 errors; acceptable Accept values include application/json and application/zip; Content-Type must be application/json for POSTs.
Ensure that the API key is valid to avoid 401 Unauthorized errors. Also, verify endpoint paths and parameters to avoid 404 Not Found errors.
Next steps
Continue your data engineering journey with the other toolkits of the dltHub AI Workbench:
data-exploration— Build custom notebooks, charts, and dashboards for deeper analysis with marimo notebooks.dlthub-runtime— Deploy, schedule, and monitor your pipeline in production.
dlt ai toolkit data-exploration install dlt ai toolkit dlthub-runtime install
Was this page helpful?
Community Hub
Need more dlt context for GSA Entity API?
Request dlt skills, commands, AGENT.md files, and AI-native context.