A Django REST framework authentication class for the ZGW API authentication pattern.

maykinmedia/zgw-auth-backend

Version: 1.0.4
Source: https://github.com/maykinmedia/zgw-auth-backend
Keywords: zgw, vng, apis, drf
PythonVersion: 3.8

The ZGW Auth JWT includes claims for user_id and user_representation. This information can be used in your API to authenticate the actual end-user, even when using gateway APIs.

Features:

  • Authenticates the end-user based on the user_id JWT claim
  • Follows the auth spec for "API's voor zaakgericht werken"

Requirements:

  • Python 3.7 or higher
  • setuptools 30.3.0 or above
  • Django 2.2 or newer

Install:

pip install zgw-auth-backend

Add it to your installed apps:

INSTALLED_APPS += ["zgw_auth_backend"]

Migrate:

python manage.py migrate

Optionally, you can add it to DRF's default authentication classes:

REST_FRAMEWORK = {
    "DEFAULT_AUTHENTICATION_CLASSES": [
        ...,
        "zgw_auth_backend.authentication.ZGWAuthentication",
        ...,
    ],
}

Specify the authentication class on your view(s):

from rest_framework.views import APIView
from zgw_auth_backend.authentication import ZGWAuthentication

class MyView(APIView):
    # Authenticate requests to this view with the ZGW auth JWT
    authentication_classes = (ZGWAuthentication,)

Usage:

  1. Add the client credentials in the admin (client ID + secret)
  2. Generate a ZGW auth JWT with the user_id claim, using the credentials from step 1
  3. Make an API call to the endpoint, including the Authorization: Bearer <jwt> header
  4. Verify that a user whose username equals the user_id claim is created if it didn't exist yet, or, if it did, that request.user is now this user.
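
The token from step 2 and the checks a receiving API has to make before trusting its user_id claim, as an added standard-library example. It is not code from zgw-auth-backend. Assumptions: HS256 signing with the client secret, the iss, iat and client_id claim names, the max_age limit, and the function names are illustrative; only user_id and user_representation are named on this page.

```python
import base64, hashlib, hmac, json, time

def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def _unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(secret: str, signing_input: str) -> bytes:
    return hmac.new(secret.encode(), signing_input.encode(), hashlib.sha256).digest()

def make_zgw_jwt(client_id, secret, user_id, user_representation="", now=None):
    """Step 2: build an HS256 JWT carrying the end-user claims."""
    payload = {
        "iss": client_id,        # assumed claim layout, see lead-in
        "iat": int(time.time() if now is None else now),
        "client_id": client_id,  # assumed: selects the stored secret
        "user_id": user_id,      # from the page: becomes the username
        "user_representation": user_representation,
    }
    parts = ({"typ": "JWT", "alg": "HS256"}, payload)
    signing_input = ".".join(_b64url(json.dumps(p).encode()) for p in parts)
    return signing_input + "." + _b64url(_sign(secret, signing_input))

def verify_zgw_jwt(token, secrets_by_client, max_age=3600, now=None):
    """Return the claims if signature and age check out, else raise ValueError."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header, payload = json.loads(_unb64url(head_b64)), json.loads(_unb64url(body_b64))
        sig = _unb64url(sig_b64)
    except ValueError as exc:
        raise ValueError("malformed token") from exc
    if not (isinstance(header, dict) and isinstance(payload, dict)):
        raise ValueError("malformed token")
    if header.get("alg") != "HS256":  # pin the algorithm; rejects "none"
        raise ValueError("unexpected algorithm")
    client_id = payload.get("client_id")
    secret = secrets_by_client.get(client_id) if isinstance(client_id, str) else None
    if secret is None:
        raise ValueError("unknown client")
    if not hmac.compare_digest(sig, _sign(secret, f"{head_b64}.{body_b64}")):
        raise ValueError("bad signature")
    iat = payload.get("iat")
    age = (time.time() if now is None else now) - iat if isinstance(iat, int) else None
    if age is None or not -60 <= age <= max_age:
        raise ValueError("token too old or issued in the future")
    if not payload.get("user_id"):
        raise ValueError("missing user_id claim")
    return payload
```

For step 3, send the value returned by make_zgw_jwt as Authorization: Bearer <jwt>. Because user_id decides which account request.user becomes, anyone holding a client secret can act as any user, so store and rotate those secrets accordingly.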
