Authentication

DRF provides pluggable authentication schemes for securing APIs.

Official docs

Authentication — django-rest-framework.org

Built-in Schemes

Scheme	Use case
SessionAuthentication	Browser-based clients
TokenAuthentication	Simple token-based auth
JWT (via packages)	Stateless API auth

Configuration

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.TokenAuthentication',
    ],
    'DEFAULT_PERMISSION_CLASSES': [
        'rest_framework.permissions.IsAuthenticated',
    ],
}

Upstream Links

Permissions
Throttling

Built-in Schemes​

Configuration​

Upstream Links​

Built-in Schemes

Configuration

Upstream Links