Hello, I am trying to implement authentication in Django REST framework and I'm having some trouble doing so. I am using Keycloak; the frontend user communicates directly with the auth server (Keycloak) and receives the two tokens (auth and refresh). Afterwards, the frontend will send a request to the backend while including the token as bearer. How can I validate the token in the backend (DRF)?
#implement authentication in django with keycloak
I'm not familiar with Keycloak, but it seems you need to build an authentication class. If Keycloak has a way for you to intercept the token on the backend and validate that it is indeed valid through an API call or SDK, that may be what you're looking for.
One thing you may want to consider is, instead of creating the token on the client, having the server (DRF) generate the token and pass it to the client, not vice versa. Hope this helps.
It is already mentioned in the documentation clearly.