How to test Django REST Framework Login Protected API using postman?

django api django-rest-framework postman

21,741

Solution 1

You can use Basic Auth in POSTMAN. Refer to this screenshot:

You could change the HTTP Methods, URLs, Data Payload(under Body tab) etc in the POSTMAN console

UPDATE-1

After your comments, I tried to recreated the problem.What I did was:

created a view

 from rest_framework.views import APIView
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.response import Response

 class MySampleView(APIView):
     permission_classes = (IsAuthenticated,)

     def get(self, request):
         return Response(data={"status": True})

Added to urls.py

 urlpatterns = [
     url(r'^mysampleview/$', MySampleView.as_view())
 ]

And my POSTMAN response are below:

Authorization Screenshot

Header Screenshot

My conclusion

You may enter wrong credentials, or something else. I would suggest you open a new POSTMAN tab and repeat the procedure, also try to login Django admin using the same credential which is already used in POSTMAN.

Solution 2

If you want to use Basic Authentification to test Django REST API, it must be allowed in Django REST Framework settings:

'DEFAULT_AUTHENTICATION_CLASSES': [
        'rest_framework.authentication.BasicAuthentication',
...

21,741

Author by

Shahzad Farukh

Passionate Python/Django development with over 4+ years of experience and over 6+ years in web development. I am able to handle projects from start to finish with minimal supervision because I have an excellent general sense of what a product should and shouldn't do. It's important to me to build long-term relationships with clients. I'm flexible with my working hours and happy to work closely with Project Manager. Technology stack. - Python, PHP, NodeJS - Python, Flask, Django, Django REST framework - Codeigniter, OpenCart, Interspire Cart, WordPress - AngularJS (1.x, 2)/Typescript, JavaScript, jQuery - HTML5/CSS3/LESS/SASS/Bootstrap/Websockets - PostgreSQL, MySQL, MongoDB - Google, PayPal, Facebook, Twitter API Integration - Zoho CRM - BigQuery, Extract, Transform and Load (ETL) DevOps (Ubuntu, Fedora, CentOS), - Apache, Nginx, - Clery, RabbitMQ, Sentry, Docker - AWS (S3, RDS, EC2) - Google Cloud - Git, BitBucket, GitHub, GitLab - Trello, Asana, Freedcamp

Updated on February 22, 2022

Comments

Shahzad Farukh about 2 years

I need to test REST API using postman. API is build using Django REST Framework. Only login user can get access to API. I am not able to find how I can send login credentials using postman. Thanks in advance.

class ApiMemberGroupNameList(views.APIView):
    permission_classes = (
        permissions.IsAuthenticated,
        RequiredOrgPermission,
        RequiredOrgStaffMemberPermission)

    def get(self, request, **kwargs):
        pk = kwargs.get('pk')
        hash = kwargs.get('hash')
        member_obj = get_object_or_404(Member.objects.filter(org__hash=hash, pk=pk))
        return Response(GroupListSerializer(member_obj.groups.all(), many=True).data)

Shahzad Farukh almost 6 years

I have tried this one but it's not working. Normally Django varifies authenticated a user through session and cookies.
JPG almost 6 years

Can you add your respective view.py?
Shahzad Farukh almost 6 years

Peter I have added view in question.
JPG almost 6 years

seems like you only added permission_classes in views. Did you add any other authentication methods in settings?
Shahzad Farukh almost 6 years

No, I am not using any other authentication model in settings. Even I remove permission classes except for IsAuthenticated. I still face the same issue.
Shahzad Farukh almost 6 years

I got the response forbidden