Search Results :

×
Sign Up Contact Us

Contents

Setup API Key Authentication in Drupal

API Key Authentication offers a simple and effective way to secure Drupal APIs. After generating API keys for users, these keys act as unique identifiers that help manage and safeguard access to your Drupal APIs. For authentication, the client must send the user’s Drupal username along with their API key in the Authorization header of each request. The Drupal API Authentication module verifies this combination before granting access. The module supports Drupal 8, 9, 10, and 11.

free trial plugin Download plugin pricing button schedule meeting button Schedule a Meeting
  • Download the module: 
    composer require 'drupal/rest_api_authentication'
  • Navigate to Extend menu on your Drupal admin console and search for REST & JSON API Authentication using the search box.
  • Enable the module by checking the checkbox and click on the Install button.
  • You can configure the module at: 
    {BaseURL}/admin/config/people/rest_api_authentication/auth_settings
  • Install the module: 
    drush en drupal/rest_api_authentication
  • Clear the cache: 
     drush cr
  • You can configure the module at: 
    {BaseURL}/admin/config/people/rest_api_authentication/auth_settings
Note and Contact Us - SSO betwee two WordPress sites

Note: Manual Installation only compatible with Drupal 7, Drupal 8, and Drupal 9.


  • Navigate to Extend menu on your Drupal admin console and click on Install new module.
  • Install the Drupal miniOrange API Authentication module either by downloading the zip or from the URL of the package (tar/zip).
  • Click on Enable newly added modules.
  • Enable this module by checking the checkbox and click on install button.
  • You can configure the module at: 
    {BaseURL}/admin/config/people/rest_api_authentication/auth_settings
  • REST UI: This module provides a user-friendly interface to configure the REST module.
  • Enable the following Web Services modules from the Extend section (/admin/modules) of your Drupal site:
    • JSON:API
    • REST UI
    • RESTful Web Services
    • Serialization
Drupal API Authentication install the modules

  • The first step is to enable the API and assign the methods and operations allowed for that API. This can be done using the REST UI module, or by directly modifying the Drupal config.
  • Click on the Enable API button.
  • To enable the API using the REST UI module, click the Configure button (as shown below).
Drupal API Authentication REST UI Configure

  • In our example, we need to enable the /entity/user API. To do this, click the Enable option in front of it.
Drupal API Authentication user resources

  • Since our goal is to create a user in Drupal, select the following configurations:
    • Method: POST
    • Format: JSON
    • Authentication Provider: rest_api_authentication
  • This allows the miniOrange API Authentication module to authenticate the API. Click the Save Configuration button to continue.
Drupal API Authentication Resource Settings

  • In this step, we will generate an API Key. To do this, navigate to the API Authentication tab of the module (/admin/config/people/rest_api_authentication/auth_settings).
    • Under Basic Configuration, enable the Enable Authentication toggle.
    • Enter the Application Name and select API Key from the Authentication Method section.
Drupal API Authentication select API Authentication method

  • Scroll down to the API Key Configuration section on the same tab.
    • Select the Authentication Type from the dropdown.
    • In the Enter Username text field, type the username for which you want to generate the API key, then click the Generate button.
    • Once the API Key is generated, click the Save Configuration button at the bottom of the page.
    • Click the Save Configuration button.
      • Note and Contact Us

      Note: This is a premium feature. In the free version of the module, authentication is handled using a universal key.


    • If you want to generate key for all users, click the Generate Key for All Users button.
Drupal API Authentication Enter Username to create API key

  • You have successfully configured the API Key Authentication method.
    • Note and Contact Us

    Note: Use the application-specific unique header when authenticating the API.

Drupal API Authentication API Authentication method configured successfully

  • You can now view the generated API key in the API Key field of your user profile.
Drupal API Authentication API Authentication method configured successfully

  • If you want end users to also generate their API key, the API key management will be available to them if you enable the permission as shown in the image.
Drupal API Authentication API Authentication API Key permission

  • If needed, you can allow non-admin Drupal roles to create users. To do this, assign the Administer users permission to the desired roles from the Permissions page (/admin/people/permissions) of your Drupal site.
Drupal API Authentication API Authentication method configured successfully

  • For better understanding, let’s take an example of using API Key-based authentication with the create user API in Drupal.
    • Note and Contact Us

    Note: The /entity/user API in Drupal is used to create a new user.


  • To create a user in Drupal, you need to make a POST request with the user’s Drupal username and the API key issued by the miniOrange REST API Authentication module. The username and API key must be encoded in Base64 format. Refer to the example below to make the call.
    • HTML Request Format-

Request: POST  <your_drupal_base_url>/entity/user?_format=json

Header:      
             AUTH-METHOD: application_id
             Accept: application/json
             Content-Type: application/json
             API-KEY: base64_encoded<username:api-key>
             (The value should be Base64-encoded in the format: username:api-key.)

Body: 

                {
                "name": {
                    "value": "<username>"
                },
                "mail": {
                    "value": "<email>"
                },
                "pass": {
                    "value": "<password>"
                },
                "status": {
                    "value": "1"
                }
                }

CURL Request Format-

curl --location --request POST  ‘<your_drupal_base_url>/entity/user?_format=json' \
                --header 'AUTH-METHOD: application_id' \
                --header 'Accept: application/json' \
                --header 'Content-Type: application/json' \
                --header 'Authorization: Basic base64encoded<username:API key>’ \
                --data-raw '  

                {
                "name": [
                    { "value": "Username" }
                ],
                "mail": [
                    { "value": "email" }
                ],
                "pass": [
                    { "value": "Password" }
                ],
                "status": [
                    { "value": "1" }
                ]
                }
  • You can also refer to the Postman request image shown below
Drupal API Authentication Postman request

Drupal API Authentication Postman body request

  • A successful response will return the details of the user you created (see the image below).
Drupal API Authentication Postman Response created node

Congratulations! You have successfully set up the API Key Authentication method using the Drupal API Authentication module.

If the configuration was not successful, please contact us at drupalsupport@xecurify.com. Kindly include a screenshot of the error window, and we will assist you in resolving the issue and guide you through the setup.

ADFS_sso ×
Hello there!

Need Help? We are right here!

support