Django REST framework – Setting permissions

Let’s continue our example in


So now we have a working endpoint @

Now we would like to add authentication on this endpoint and return 403 if the request is not authorized.

First, if you want to set the authentication globally, you could set it in the



Restart the application and try to access the endpoint again. You will get a 403.

You will get the correct response only if u have logged in.

Similarly, you need to provide the user credential when using the curl command.

curl -u <username>:<password>


But sometimes, we only want to add the authentication to some specific endpoint. In that case, you don’t need to alter the global config in Instead, add the permission_classes in the as follow.


from rest_framework import permissions
from rest_framework.views import APIView
from rest_framework.response import Response
from statsd.defaults.django import statsd

class CustomGet(APIView):
  A custom endpoint for GET request.
  permission_classes = (permissions.IsAuthenticated,)

  def get(self, request, format=None):
    Return a hardcoded response.
    return Response({"success": True, "content": "Hello World!"})


Done =)

Reference: Django REST framework – Permissions


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s