1

I have two separate django websites, let's call them A and B. regular users sign up in website B, and administrators use website A. website A sends some info to website B using django rest framework (in the A side, it's just a simple post request, api is implemented in website B)

so website B users have nothing to do with the api, and admins who send the info to B, are NOT users of website B.

what do you think is the best way to add authentication to this api? so that regular users cannot send garbage requests?

Improve this question

1 Answer 1

Reset to default
1

We have a similar set up. On your set up, I'd create a dedicated user on website B with a token for authentication. Then use the token to send the data you need from website A.

https://www.django-rest-framework.org/api-guide/authentication/#tokenauthentication

Make sure the endpoints only allow Token auth, and any other types you may need.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.