Developer Documentation
  • Documentation Overview
  • Development Introduction
  • Getting Started
  • Fundamentals
    • Deploy an App via Pre-defined Sidecar
      • Sidecar Tutorial: Server-side
      • Sidecar Tutorial: Client-side
      • Sidecar Tutorial: Docker & Deploy
    • Deploy an App with Eureka
    • Design Guidance
  • Authentication
    • Accessing data exposed by the platform
    • Single Sign-On
      • Angular
      • Vue
      • Java Spring: Accepting JWT
      • Python Django: Accepting JWT
    • User and Role Identification
  • APIs | Data Integration
    • Submodel Index
    • Masterdata
    • Transactional data
  • Docker Information
    • Ruby Stack
    • Golang Stack
    • Node JS Stack
    • Java Spring Stack
    • Python Stack
  • Connect to the Platform
    • Integrate using Eureka Rest APIs
    • Use our Pre-built sidecar
    • Production deployment
  • Add-on Features
    • IApps-Navigation
  • Testing
  • FAQs | Troubleshooting
  • Registration
    • Application pre-requisites
      • Basic Requirements
    • Register Developer Account
    • Submit basic application info
    • Onboard Application
      • Submit Appstore details
        • App basic information
      • Configure Application
        • App Permission
        • App Data
        • AAS Instance
        • Licensing
        • Access Rights
        • Account Info
        • Terms Of Use
        • Pricing
      • Publish and test
        • Deploy
        • Register into Service Discovery
    • Publish to Marketplace
  • User Experience
  • The business model - How do I get paid?
  • References
    • IndustryApps - Intro
    • What is an Asset Administration Shell?
    • What is ECLASS?
      • How is ECLASS and Concept dictionary are used
    • Industry 4.0 standards
    • Customer Terms of Use
      • Subscription Order
    • Solution provider Terms of Use
      • Contract regions
      • Submission Form ( Solution provider)
Powered by GitBook
On this page
  • Accepting JWT Tokens from IndustryApps
  • Configuring your Third-Party Application to accept JWT tokens acquired from IndustryApps
  • Handling multiple JWT issuers with Django, Python
  1. Authentication
  2. Single Sign-On

Python Django: Accepting JWT

Accepting JWT Tokens from IndustryApps

Configuring your Third-Party Application to accept JWT tokens acquired from IndustryApps

JWT tokens would either be acquired from your Third-Party App’s existing Authentication system or from IndustryApp’s Keycloak authentication configuration.

Keycloak is an open source software product to allow single sign-on with Identity and Access Management aimed at modern applications and services.

Handling multiple JWT issuers with Django, Python

In this case, handling multiple JWT issuers for SSO can be configured by utilising django-allauth package (i.e pip install django-allauth).

Inside settings.py add in the required config for allauth, if this has not been added already.

settings.py
INSTALLED_APPS = [
    ...
    # The following apps are required:
    'django.contrib.auth',
    'django.contrib.messages',
    'django.contrib.sites',

    'allauth',
    'allauth.account',
    'allauth.socialaccount',
    # if allauth is already installed, then keycloak as a provider should be added
    'allauth.socialaccount.providers.keycloak',
]

Django allauth requires the context request processor, inside OPTIONS.

'OPTIONS': {
            'context_processors': [
                # Already defined Django-related contexts here

                # `allauth` needs this from django
                'django.template.context_processors.request',
            ],

AUTHENTICATION_BACKENDS inside settings.py should include the following configuration.

AUTHENTICATION_BACKENDS = [
    ...
    # required for login by username in Django admin, regardless of `allauth` config
    'django.contrib.auth.backends.ModelBackend',

    # `allauth` specific authentication methods, such as login by e-mail etc
    'allauth.account.auth_backends.AuthenticationBackend',
    ...
]

As Django Admin uses the auth contrib application, the SSO can be integrated through the python-social-auth setting defined in the settings.py configuration file.

settings.py
SOCIALACCOUNT_PROVIDERS = {
    'keycloak': {
        'KEYCLOAK_URL': "https://iapp-keycloak/auth/realms/iapp-realm",
        'KEYCLOAK_REALM': 'IndustryApps'
    }
}

Inside urls.py be sure to include the url pattern for allauth.

urls.py
urlpatterns = [
    ....
    path('accounts/', include('allauth.urls')),
]
PreviousJava Spring: Accepting JWTNextUser and Role Identification

Last updated 2 years ago

Additional information about django-allauth in Django, Python

can be found here.