API Key Authentication

 Download    Know more

Setup Video:

Pre-requisites: Download and Installation:

• Download & install the Drupal REST & JSON API Authentication module.
• REST UI: This module provides you with a user interface for configuring the REST module. 
• Enable the following Web Services modules from under the Extend section(/admin/modules) of your Drupal site:
  • REST UI
  • RESTful Web Services
  • Serialization

Enable the API and assign methods and operations as follows:

• The first step is to enable the API and also assign methods and operations allowed on that particular API. This can be done using the REST UI module, or you can modify the config.
• To enable the API using the REST UI module, click the Configure button of the REST UI module (as shown below).

• In our example, we need to enable the /entity/user API. Do this by selecting the Enable option in front of it.

• Now, as our goal is to create a user in Drupal, select the following configs:
  • Method: POST
  • Format: json
  • Authentication provider: rest_api_authentication.
• Selecting rest_api_authentication allows the miniOrange REST API Authentication module to authenticate your /entity/user API. Click the Save configuration button to continue.

Setup API Key Authentication Method:

• In this step, we will generate an API Key. To do this, navigate to the API Authentication tab of the module (/admin/config/people/rest_api_authentication/auth_settings).
  • Under Basic Configuration, enable the Enable Authentication toggle.
  • Enter the Application Name and select API Key from the Authentication Method section.

• Scroll down to the API Key Configuration section on the same tab.
  • Select the Authentication Type from the dropdown.
  • In the Enter Username text field, type the username for which you want to generate the API key, then click the Generate button.
  • Once the API Key is generated, click the Save Configuration button at the bottom of the page.
  • Click the Save Configuration button.
  • If you want to generate a key for all users, click the Generate Key for All Users button.

• You have successfully configured the API Key Authentication method.

• You can now view the generated API key in the API Key field of your user profile.

• If you want end users to also generate their API key, the API key management will be available to them if you enable the permission, as shown in the image.

Grant Role Permissions to Create Users:

• If needed, you can allow non-admin Drupal roles to create users. To do this, assign the Administer users permission to the desired roles from the Permissions page (/admin/people/permissions) of your Drupal site.

That’s it! Now, let’s create a user in Drupal through an API call using the API key for authentication.

Example:

• To create a user in Drupal, make a POST request with the user’s username and the API key issued by the miniOrange REST API Authentication module. Both the username and API key must be in Base64-encoded format. Refer to the format below to make the call.

HTML Request Format-

Request: POST  <your_drupal_base_url>/entity/user?_format=json

Header:      
             AUTH-METHOD: application_id
             Accept: application/json
             Content-Type: application/json
             API-KEY: base64_encoded<username:api-key>
             (The value should be Base64-encoded in the format: username:api-key.)

Body: 

                {
                "name": {
                    "value": "<username>"
                },
                "mail": {
                    "value": "<email>"
                },
                "pass": {
                    "value": "<password>"
                },
                "status": {
                    "value": "1"
                }
                }

CURL Request Format-

curl --location --request POST  ‘<your_drupal_base_url>/entity/user?_format=json' \
                --header 'AUTH-METHOD: application_id' \
                --header 'Accept: application/json' \
                --header 'Content-Type: application/json' \
                --header 'Authorization: Basic base64encoded<username:API key>’ \
                --data-raw '  

                {
                "name": [
                    { "value": "Username" }
                ],
                "mail": [
                    { "value": "email" }
                ],
                "pass": [
                    { "value": "Password" }
                ],
                "status": [
                    { "value": "1" }
                ]
                }

• You can also refer to the Postman request image shown below.

• A successful response will return the details of the user you created (see the image below).

• If you receive an error in the response, refer to the table below for the error description and possible solutions.

Congratulations!!!! You can now authenticate any calls to your Drupal APIs using the API Key-Based Authentication method.

We hope you found this document useful and informative.