Django REST Framework API Key is a powerful library for allowing server-side clients to safely use your API. These clients are typically third-party backends and services (i.e. machines) which do not have a user account but still need to interact with your API in a secure way.
Features¶There are important security aspects you need to consider before switching to an API key access control scheme. We've listed some of these in Security caveats, including serving your API over HTTPS.
Besides, see Why and when to use API keys for hints on whether API keys can fit your use case.
API keys are ideal in the following situations:
They can also present enough security for authorizing internal services, such as your API server and an internal frontend application.
Warning
Please note that this package is NOT meant for authentication. You should NOT use this package to identify individual users, either directly or indirectly.
If you need server-to-server authentication, you may want to consider OAuth instead. Libraries such as django-oauth-toolkit can help.
Quickstart¶Install with pip:
pip install "djangorestframework-api-key==2.*"
Important
It is highly recommended to pin your dependency to the latest major version (as depicted above), as breaking changes may and will happen between major releases.
Add the app to your INSTALLED_APPS:
# settings.py
INSTALLED_APPS = [
# ...
"rest_framework",
"rest_framework_api_key",
]
Run the included migrations:
To learn how to configure permissions and manage API keys, head to the User Guide.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4