Search Results :

×
Sign Up Contact Us

Drupal REST & JSON
API Authentication

The Drupal REST & JSON API Authentication module prevents unauthorized access to your Drupal site’s APIs. For this, key API authentication methods used are Basic Authentication, API Key Authentication, JWT Authentication, and more.
Download Key Features Playground
Key Features Documentation
Schedule a call with expert
Documentation
Drupal REST & JSON API Authentication - Banner Image

Our Trusted Customers

See All Customers →

  • Drupal | Drupal Passwordless Authentication - NASA
  • Drupal | Drupal Passwordless Authentication - Nestlé
  • Drupal | Drupal Passwordless Authentication - Sony Pictures
  • Drupal | Drupal Passwordless Authentication - UNICC
  • Drupal | Drupal Passwordless Authentication - Vodafone
  • Drupal | Drupal Passwordless Authentication - Wipro
  • Drupal | Drupal Passwordless Authentication - University of Virginia

Setup Drupal REST API Authentication In 3 Simple Steps

wordpress media access control | Step1

Step 01

Download and Install

Access the module from the Drupal marketplace or our official website.

wordpress prevent direct access plugin | Step2

Step 02

Enable Authentication

Check the Enable Authentication checkbox to configure module.

wordpress media access control | Step3

Step 03

Select Authentication Method

Select your preferred authentication method.

Integrate REST API & JSON Authentication with Drupal in Minutes

Enable secure API-based authentication on your Drupal site using JSON and REST protocols—without complex configuration.

Request a Demo

Key API Authentication Methods

  • Basic Authentication

    miniOrange Drupal Landing Page || REST API Authentication

    Users can authenticate themselves using their username and password using the basic authentication method.

    Setup Guide

  • API Key Authentication

    miniOrange Drupal Landing Page || REST API Authentication

    In API Key Authentication, instead of using the user's password, a randomly generated unique key is used for each user.

    Setup Guide

  • OAuth 2.0 Authentication

    miniOrange Drupal Landing Page || REST API Authentication

    One of the secured authentication methods, where OAuth 2.0 protocol is used to generate an access token. This token authenticates access to your Drupal site API.

    Setup Guide

  • JWT Authentication

    miniOrange Drupal Landing Page || JWT Authentication

    To authenticate the users, the web application sends a Json Web Token (JWT) in the authorization header of an HTTP request to your server-side.

    Setup Guide

  • Third-Party Provider Authentication

    miniOrange Drupal Landing Page || JWT Authentication

    Restrict access to your Drupal REST API using third-party identity providers such as Facebook, Google, or LinkedIn. This technique allows you to configure the Drupal API authentication module with the identity provider, and authenticate all the API requests using the token from the identity provider.

    Setup Guide

Drupal 2FA methods

Key Features of Drupal REST API Authentication

Integrate SSO in a Headless System

Our module supports SSO integration for a decoupled Drupal site i.e. allowing your users to login to the Drupal site’s backend as well as the front-end.

Role-Based Access

The user's role helps to decide the level of access and permissions that you wish to grant to your REST APIs for the Drupal site.

Customize Token Expiry

This functionality allows you to customize token expiry time as per the requirement. The default time offered is 1 hour.

Signature Validation

Signature validation along with JWT Token validation is offered to maintain the token's integrity by verifying its origin. This helps to ensure the authentication and authorization of users to Drupal APIs.

Exclude REST APIs

Our module permits you to exclude some APIs that you don’t wish to authenticate anymore.

Custom Header

With this feature, you can change the default authorization header to another header.

Custom Certificate

This feature gives you the ability to add your own custom certificate for sending signed requests, and verifying signed responses.

Integrate SSO in a Headless System

Integrate SSO in a Headless System

Our module supports SSO integration for a decoupled Drupal site i.e. allowing your users to login to the Drupal site’s backend as well as the front-end.

Explore Drupal REST API & JSON Authentication Capabilities

Get the module and quickly configure your Drupal site to enable secure REST API and JSON-based authentication for seamless integration with external applications.

Download Now

Pricing Plans for Everyone

COMMUNITY

$0/Year

Only for one user

  • Supports JSON API module
  • Supports default REST APIs
  • API Key Authentication
  • Basic Authentication
ENTERPRISE
Most Popular

$399/Year

No. Of Instances:
  • Access Token-Based Authentication
  • JWT Based Authentication
  • 3rd Party/External IDP Token-Based Authentication
  • Custom Certificate Generation
  • Generate separate API Keys for every user
  • Supports restriction of custom APIs
  • Custom Authentication Header
  • Whitelist or Blacklist APIs
  • IP Address-Based Restriction
  • Role Based Restriction
SUITE

Let's Talk

    All features of the Premium plan +

  • Unlimited custom REST APIs with all HTTP methods
  • Advanced filtering and conditional logic
  • Role-based access per endpoint
  • Multiple advanced APIs with CRUD support
  • Support for XML, SOAP, GraphQL external APIs
  • Dependent APIs for token-based authentication flows

Frequently Asked Questions

FAQ | Module FAQsModule Inquiries

Does miniOrange store any user data?

miniOrange does not transfer any data out of your systems or store any Personal Identifiable Information (PII). All the modules are completely on premise. All the data remains within your premises / server. Only for the Drupal 2FA module - We need to store the user's email address. For Risk Based Authentication, information such as device type, location, IP address, and time are necessary to identify the user and give access based on the risk.

Does miniorange provide developer license for paid module?

We do not provide the developer license for our paid module and the source code is protected. It is strictly prohibited to make any changes in the code without having written permission from miniOrange. There are hooks provided in the module which can be used by the developers to extend the module's functionality.

Does miniOrange offer technical support?

Yes, we provide 24*7 support for all and any issues you might face while using the module, which includes technical support from our developers. You can get prioritized support based on the Support Plan you have opted for. You can check out the different Support Plans here.

How to activate the Premium Module on my Drupal Site?

  1. Once you complete the payment, go to the miniOrange Dashboard to download your premium module or followthe Composer installation steps.
  2. To activate the paid module, go to the Registration /Login tab and login with your miniOrange account for which you have purchased a license.
  3. Once you are logged in, it will ask you to enter your license key. Go to miniOrange Dashboard → License → View License Key to get your license key.

How can I free up my license Key?

You can remove the license key from the module by clicking on the Remove Account button from the Register/Login tab of the module.

FAQ | Legal DocumentsLegal Documents

GDPR Compliance

End User License Agreement

Privacy Policy

Security Practices

SOC Compliance

Want to Schedule a Demo?

mo-form

 Thank you for your response. We will get back to you soon.

Something went wrong. Please submit your query again

Hello there!

Need Help? We are right here!

support