[Django]-What is the difference between permission_classes and authentication_classes in django rest framework generic API Views

0👍

After removing TokenAuthentication class you are able to access the api because then drf is using session authentication and browser handles the sessions for you. When you use TokenAuthentication then you need to add token in header of request which is not done by browser. thats why you are getting { "detail": "Authentication credentials were not provided." }.
try this api from postman by adding the token in headers then it will work.

headers will be like:-

Authorization: Token your-token

check this for token authentication.
https://www.django-rest-framework.org/api-guide/authentication/

and make sure user making the api call should be admin because you have specified IsAdminUser permission.

Leave a comment