Python Django: Accepting JWT

Accepting JWT Tokens from IndustryApps

Configuring your Third-Party Application to accept JWT tokens acquired from IndustryApps

JWT tokens would either be acquired from your Third-Party App’s existing Authentication system or from IndustryApp’s Keycloak authentication configuration.

Keycloak is an open source software product to allow single sign-on with Identity and Access Management aimed at modern applications and services.

Handling multiple JWT issuers with Django, Python

In this case, handling multiple JWT issuers for SSO can be configured by utilising django-allauth package (i.e pip install django-allauth).

Inside add in the required config for allauth, if this has not been added already.
    # The following apps are required:

    # if allauth is already installed, then keycloak as a provider should be added

Django allauth requires the context request processor, inside OPTIONS.

            'context_processors': [
                # Already defined Django-related contexts here

                # `allauth` needs this from django

AUTHENTICATION_BACKENDS inside should include the following configuration.

    # required for login by username in Django admin, regardless of `allauth` config

    # `allauth` specific authentication methods, such as login by e-mail etc

As Django Admin uses the auth contrib application, the SSO can be integrated through the python-social-auth setting defined in the configuration file.
    'keycloak': {
        'KEYCLOAK_URL': "https://iapp-keycloak/auth/realms/iapp-realm",
        'KEYCLOAK_REALM': 'IndustryApps'

Inside be sure to include the url pattern for allauth.
urlpatterns = [
    path('accounts/', include('allauth.urls')),

Additional information about django-allauth in Django, Python can be found here.

Last updated