Search Results :

×

Drupal REST & JSON
API Authentication

The Drupal REST & JSON API Authentication module prevents unauthorized access to your Drupal site’s APIs. For this, key API authentication methods used are Basic Authentication, API Key Authentication, JWT Authentication, and more.

Drupal 2FA/MFA

Our Trusted Customers

Nestle Logo Sony Pictures Logo UNICC Logo

Setup Drupal REST API Authentication In 3 Simple Steps

Drupal 2FA/MFA | Step1

Step 01

Download and Install

Access the module from the Drupal marketplace or our official website.


Drupal 2FA for Admin | Step2

Step 02

Enable Authentication

Check the Enable Authentication checkbox to configure module.


Drupal 2FA policy for End users | Step3

Step 03

Select Authentication Method

Select your preferred authentication method.

Step Image

Key API Authentication Methods

Basic Authentication

Users can authenticate themselves using their username and password using the basic authentication method.


Setup Guide    

API Key Authentication

In API Key Authentication, instead of using the user's password, a randomly generated unique key is used for each user.


Setup Guide    

OAuth 2.0 Authentication

One of the secured authentication methods, where OAuth 2.0 protocol is used to generate an access token. This token authenticates access to your Drupal site API.


Setup Guide    

JWT Authentication

To authenticate the users, the web application sends a Json Web Token (JWT) in the authorization header of an HTTP request to your server-side.


Setup Guide    

Third-Party Provider Authentication

Restrict access to your Drupal REST API using third-party identity providers such as Facebook, Google, or LinkedIn. This technique allows you to configure the Drupal API authentication module with the identity provider, and authenticate all the API requests using the token from the identity provider.


Setup Guide    
Drupal REST API Authentication methods

Key Features of Drupal REST API Authentication

Integrate SSO in a Headless System
Role-Based Access
Customize Token Expiry
Signature Validation
Exclude REST APIs
Custom Header
Custom Certificate
Drupal REST API - Integrate SSO in a Headless System

Integrate SSO in a Headless System

Our module supports SSO integration for a decoupled Drupal site i.e. allowing your users to login to the Drupal site’s backend as well as the front-end.

Drupal REST API - Role-Based Access

Role-Based Access

The user's role helps to decide the level of access and permissions that you wish to grant to your REST APIs for the Drupal site.

Drupal REST API - Customize Token Expiry

Customize Token Expiry

This functionality allows you to customize token expiry time as per the requirement. The default time offered is 1 hour.

Drupal REST API -Easry Integration

Signature Validation

Signature validation along with JWT Token validation is offered to maintain the token's integrity by verifying its origin. This helps to ensure the authentication and authorization of users to Drupal APIs.

Drupal REST API -Exclude REST APIs

Exclude REST APIs

Our module permits you to exclude some APIs that you don’t wish to authenticate anymore.

Drupal REST API - Custom Header

Custom Header

With this feature, you can change the default authorization header to another header.

Drupal REST API - Custom Certificate

Custom Certificate

This feature gives you the ability to add your own custom certificate for sending signed requests, and verifying signed responses.

Pricing Plans for Everyone

Transparent, Simple Pricing

Module supports Drupal 8, Drupal 9, Drupal 10, and Drupal 11.

Contact us at

drupalsupport@xecurify.com

Free

List Price

$0
Try out the features

Supports JSON API module

Supports default REST APIs

API Key Authentication

Basic Authentication

Premium

List Price

$399/Year
No. of Instances:
All Features in Free+

Access Token-Based Authentication

JWT Based Authentication

3rd Party/External IDP Token-Based Authentication

Custom Certificate Generation

Generate separate API Keys for every user

Supports restriction of custom APIs

Custom Authentication Header

Whitelist or Blacklist APIs

IP Address-Based Restriction

Role Based Restriction

Knowledge Base

Everything You Need to Know

Drupal SAML SSO | Single Sign-On  Frequently Asked Questions

miniOrange does not transfer any data out of your systems or store any Personal Identifiable Information (PII). All* the modules are completely on premise. All the data remains within your premises / server. *Only for the Drupal 2FA module - We need to store the user's email address. For Risk Based Authentication, information such as device type, location, IP address, and time are necessary to identify the user and give access based on the risk.

We do not provide the developer license for our paid module and the source code is protected. It is strictly prohibited to make any changes in the code without having written permission from miniOrange. There are hooks provided in the module which can be used by the developers to extend the module's functionality.

Yes, we provide 24*7 support for all and any issues you might face while using the module, which includes technical support from our developers. You can get prioritized support based on the Support Plan you have opted for. You can check out the different Support Plans here.

How Can We Help You?

See Documentation
Documentation

Learn how to setup the plugin

YouTube Videos
YouTube Videos

Watch how to setup the plugin

24/7 Support
24/7 Support

Connect with our support team

Want to Schedule a Demo?

Schedule a Demo?


 Thank you for your response. We will get back to you soon.

Something went wrong. Please submit your query again

Hello there!

Need Help? We are right here!

support