# Python Django: Accepting JWT

## Accepting JWT Tokens from IndustryApps

### Configuring your Third-Party Application to accept JWT tokens acquired from IndustryApps

JWT tokens would either be acquired from your Third-Party App’s existing Authentication system or from IndustryApp’s Keycloak authentication configuration.&#x20;

{% hint style="info" %}
Keycloak is an open source software product to allow single sign-on with Identity and Access Management aimed at modern applications and services.
{% endhint %}

### Handling multiple JWT issuers with Django, Python

In this case, handling multiple JWT issuers for SSO can be configured by utilising `django-allauth` package (i.e `pip install django-allauth`).

Inside `settings.py` add in the required config for `allauth`, if this has not been added already.

{% code title="settings.py" overflow="wrap" lineNumbers="true" %}

```python
INSTALLED_APPS = [
    ...
    # The following apps are required:
    'django.contrib.auth',
    'django.contrib.messages',
    'django.contrib.sites',

    'allauth',
    'allauth.account',
    'allauth.socialaccount',
    # if allauth is already installed, then keycloak as a provider should be added
    'allauth.socialaccount.providers.keycloak',
]
```

{% endcode %}

Django `allauth` requires the context request processor, inside `OPTIONS`.

```
'OPTIONS': {
            'context_processors': [
                # Already defined Django-related contexts here

                # `allauth` needs this from django
                'django.template.context_processors.request',
            ],
```

`AUTHENTICATION_BACKENDS` inside `settings.py` should include the following configuration.

```
AUTHENTICATION_BACKENDS = [
    ...
    # required for login by username in Django admin, regardless of `allauth` config
    'django.contrib.auth.backends.ModelBackend',

    # `allauth` specific authentication methods, such as login by e-mail etc
    'allauth.account.auth_backends.AuthenticationBackend',
    ...
]

```

As Django Admin uses the `auth contrib` application, the SSO can be integrated through the python-social-auth setting defined in the `settings.py` configuration file.

{% code title="settings.py" overflow="wrap" lineNumbers="true" %}

```python
SOCIALACCOUNT_PROVIDERS = {
    'keycloak': {
        'KEYCLOAK_URL': "https://iapp-keycloak/auth/realms/iapp-realm",
        'KEYCLOAK_REALM': 'IndustryApps'
    }
}

```

{% endcode %}

Inside `urls.py` be sure to include the url pattern for `allauth`.

{% code title="urls.py" overflow="wrap" lineNumbers="true" %}

```python
urlpatterns = [
    ....
    path('accounts/', include('allauth.urls')),
]
```

{% endcode %}

{% hint style="info" %}
Additional information about `django-allauth` in Django, Python [can be found here.](https://django-allauth.readthedocs.io/en/latest/overview.html)
{% endhint %}