Using username and password safely in Python code

0

I’m using the Python requests library to make a call to an API that requires Windows Authentication. In C# I have always used the Directory Services, which has allowed me to avoid putting passwords in any of my code or configurations. From what I have found online, it seems that my only option in Python is to have a password somewhere. I have a service account that I will use, but I need to store the password securely. What is the best way to securely store and retrieve a service account password in Python without hard coding plain text?

The code that I am currently using is below. I have the username and password stored in plain text in my configuration:

auth = HttpNtlmAuth(
    config.ServiceAccount["Username"], 
    config.ServiceAccount["Password"]
    )

content = requests.post(call_string, json=parameters, auth=auth)

Edit: I should mention that this will not be a user-facing application. It will run as a batch job. So there will not be any way for a user to enter the username/password while running the application.