axioms-drf-py is a Python package for Django REST Framework (DRF) that helps you secure your DRF APIs using Axioms Authentication and Authorization.
- Python 3.7+
- An Axioms client which can obtain an access token after the user's authentication and authorization and include the obtained access token as a bearer token in the `Authorization` header of all API requests sent to the Python/Flask application server.
`axioms-drf-py` in your DRF API project,
`.env` file in your main Django app and add the following configs,
In your Django project
Guard Your API Views
Use authentication and permission classes to guard your API views.
|Checks if the API request includes a valid bearer access token in the `Authorization` header. Checks performed include: token signature validation, expiry datetime validation, and token audience validation.|
|Check any of the given scopes included in |
|Check any of the given roles included in |
|Check any of the given permissions included in |
`profile` scope present in the token
`sample:role` role present in the token
- Check permission present in the token at API method level
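
The checks described above (signature, expiry and audience validation, followed by an any-of scope match), as an added standard-library example; it is not code from axioms-drf-py. HS256 with a shared secret stands in for the package's signature verification, and the space-delimited `scope` claim, the function names and the sample values are assumptions.

```python
import base64, hashlib, hmac, json, time

def _b64d(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))
def _b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
def _sign(head, body, secret):
    return hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()

def make_token(claims, secret, alg="HS256"):
    """Build a constructed sample token (demo helper, not a real issuer)."""
    head = _b64e(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    return f"{head}.{body}.{_b64e(_sign(head, body, secret))}"

def validate(token, secret, audience, now=None):
    """Return the claims if signature, expiry and audience all pass, else None."""
    try:
        head, body, sig = token.split(".")
        header = json.loads(_b64d(head))
        # Pin the algorithm server-side; never let the token header choose it.
        if not isinstance(header, dict) or header.get("alg") != "HS256":
            return None
        if not hmac.compare_digest(_sign(head, body, secret), _b64d(sig)):  # constant-time
            return None
        claims = json.loads(_b64d(body))  # payload is parsed only after the signature passes
    except (ValueError, TypeError, AttributeError):
        return None
    if not isinstance(claims, dict):
        return None
    exp = claims.get("exp")
    now = time.time() if now is None else now
    if not isinstance(exp, (int, float)) or exp <= now:  # a missing exp fails closed
        return None
    aud = claims.get("aud")
    aud = [aud] if isinstance(aud, str) else aud  # aud may be a string or a list
    if not isinstance(aud, list) or audience not in aud:
        return None
    return claims

def has_any_scope(claims, required):
    """True if at least one required scope is in the space-delimited scope claim."""
    granted = set(str(claims.get("scope", "")).split())
    return bool(granted & set(required))

# Constructed sample token for the demo (not a real credential).
SAMPLE = make_token({"aud": "api.example.test", "exp": 4102444800,
                     "scope": "openid profile"}, b"demo-secret")
```

Authentication (`validate`) and authorization (`has_any_scope`) stay separate steps, so a token with a valid signature but no matching scope is still refused.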
To see a complete working example, download the DRF sample from our GitHub repository or simply deploy to Heroku by clicking the following button. You will need to provide the Axioms domain and Axioms audience to complete the deployment.