20👍
✅
Use the TokenAuthentication class, as documented here.
You’ll also want to setup appropriate permissions, probably using the IsAuthenticated class.
Edit: Apologies – re-reading you post it looks like you want a global secret key, not a per-user one. I’d suggest a custom permission class that checks for the request header and fails if it’s not present/not correct.
- [Django]-Django: Testing POST-based views with json objects
- [Django]-Extend base.html problem
- [Django]-How to limit fields in django-admin depending on user?
Source:stackexchange.com