Finally Understand Authentication in Django REST Framework

Tuesday 11:30 am, Salon F-H

About This Talk

Traditional Django handles user authentication for us. REST Framework? Not so much. The abundance of choice is overwhelming and typically THE biggest obstacle for newcomers.

This talk is a deep dive on authentication in Django REST Framework. We’ll start with an overview of HTTP and REST APIs before demonstrating how to implement the 4 built-in auth modes and their respective pros/cons. Special attention will be paid to common gotchas such as, Why do I need “both” TokenAuth and SessionAuth? What are JWTs?

Next we’ll implement a real-world REST auth setup that includes user registration, password reset/confirm, social auth, and endpoints for sign up, log in, and log out. The third-party packages django-rest-auth and django-allauth will be used .

By the end of the talk attendees will understand the basics of REST authentication, the tradeoffs involved, and walk away with a working implementation to jumpstart their future projects.

Photo of

William S. Vincent

William Vincent is a freelance software developer and the author of two books: Django for Beginners and REST APIs with Django. He came to coding later in life (30s!) after working as an early employee at Quizlet. Since then he has worked at multiple early-stage startups in the Boston area and taught computer science at Williams College. He writes regularly at