diff options
| author | Tom Christie | 2014-02-20 14:55:10 +0000 |
|---|---|---|
| committer | Tom Christie | 2014-02-20 14:55:10 +0000 |
| commit | 33f1cd24cd84cc7e0ec2a76d1d8fed04dd401435 (patch) | |
| tree | 9133e49c5a33b7700d987e94b78055d2b92e2258 /api-guide/authentication.html | |
| parent | a7dad0da01613595b33793979a45e64e3a7a9ef7 (diff) | |
| download | django-rest-framework-33f1cd24cd84cc7e0ec2a76d1d8fed04dd401435.tar.bz2 | |
Latest docs build
Diffstat (limited to 'api-guide/authentication.html')
| -rw-r--r-- | api-guide/authentication.html | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/api-guide/authentication.html b/api-guide/authentication.html index f99b8a2c..2265deb1 100644 --- a/api-guide/authentication.html +++ b/api-guide/authentication.html @@ -186,6 +186,7 @@ <li><a href="#django-oauth-toolkit">Django OAuth Toolkit</a></li> <li><a href="#django-oauth2-consumer">Django OAuth2 Consumer</a></li> <li><a href="#json-web-token-authentication">JSON Web Token Authentication</a></li> +<li><a href="#http-signature-authentication">HTTP Signature Authentication</a></li> <div> @@ -481,6 +482,8 @@ class ExampleAuthentication(authentication.BaseAuthentication): <p>The <a href="https://github.com/Rediker-Software/doac">Django OAuth2 Consumer</a> library from <a href="https://github.com/Rediker-Software">Rediker Software</a> is another package that provides <a href="https://github.com/Rediker-Software/doac/blob/master/docs/integrations.md#">OAuth 2.0 support for REST framework</a>. The package includes token scoping permissions on tokens, which allows finer-grained access to your API.</p> <h2 id="json-web-token-authentication">JSON Web Token Authentication</h2> <p>JSON Web Token is a fairly new standard which can be used for token-based authentication. Unlike the built-in TokenAuthentication scheme, JWT Authentication doesn't need to use a database to validate a token. <a href="https://github.com/GetBlimp">Blimp</a> maintains the <a href="https://github.com/GetBlimp/django-rest-framework-jwt">djangorestframework-jwt</a> package which provides a JWT Authentication class as well as a mechanism for clients to obtain a JWT given the username and password.</p> +<h2 id="http-signature-authentication">HTTP Signature Authentication</h2> +<p>HTTP Signature (currently a <a href="https://datatracker.ietf.org/doc/draft-cavage-http-signatures/">IETF draft</a>) provides a way to achieve origin authentication and message integrity for HTTP messages. Similar to <a href="http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html">Amazon's HTTP Signature scheme</a>, used by many of its services, it permits stateless, per-request authentication. <a href="https://github.com/etoccalino/">Elvio Toccalino</a> maintains the <a href="https://github.com/etoccalino/django-rest-framework-httpsignature">djangorestframework-httpsignature</a> package which provides an easy to use HTTP Signature Authentication mechanism.</p> </div><!--/span--> </div><!--/row--> </div><!--/.fluid-container--> |