Django Quickstart
This guide will help you integrate Descope's Python SDK into your Django application. Follow the steps below to get started.
Import and Setup Backend SDK
You'll need install and setup all of the packages from the SDK. This is done by ensuring django_descope
is under INSTALLED_APPS
in settings.py
.
If you're using a CNAME with your Descope project, make sure to export the Base URL (e.g. export DESCOPE_BASE_URI="https://api.descope.com"
) when initializing descope_client
.
Optionally, to make the Descope username populate from a custom claim instead of sub
, set the DESCOPE_USERNAME_CLAIM
to the corresponding username claim in the JWT.
Add Descope Middleware
Ensure Descope Middleware is after the AuthenticationMiddleware and SessionMiddleware.
Configure URLconf
You will then need to include the Descope URLconf in your project urls.py
like this.
Configure URLconf
The session validation is handled in the Django SDK, through the middleware.
If you're interested in offline JWT validation, check out our offline JWT validation guide.
Implement Session Validation
You will need to then fetch the session token from the Authorization header of each request, and use the SDK to validate the token.
The frontend SDK will store the session token in either a cookie or your browser's local storage. If using a cookie, the token will be sent to your app server automatically with every request.
It's important to validate the aud
claim in your session token to ensure the token was issued for your specific application. This prevents token reuse across different applications. You can use JWT Templates to customize the aud
claim.
Here's how to validate the session token with an aud
claim:
Once you've implemented the basic session validation, you can enhance your application with these additional features:
User Management
Learn how to create, update, and manage users in your application.
Role-Based Access Control
Implement fine-grained access control using roles and permissions.
API Gateway Session Validation
Secure your API endpoints with session validation middleware.
Set up M2M Authentication
Implement M2M authentication with Descope.
Additional Resources
Have You Implemented the Frontend Yet?
When integrating Descope into your application, you have three options depending on how much control you want over your frontend authentication experience and session management:
Option | Description | Best For |
---|---|---|
Use Descope Flows | Design your authentication screens and flows visually in the Descope Console with little or no frontend code. We handle all session management for you. | Fastest setup with minimal custom frontend work. |
Use Descope Client SDKs | Build your own login screens and authentication experiences in your frontend using code, while relying on Descope's SDKs to manage sessions (login, logout, refresh). | Customizable UX with simplified session handling. |
Use Descope Backend SDKs | Build your own frontend and your own backend APIs for authentication. You fully manage sessions, tokens, and authentication logic yourself. | Maximum flexibility and control, at the cost of more engineering effort. |
Descope Flows
Design login screens and authentication flows visually without writing code, and embed them into your app.
Descope Client SDKs
Build custom login screens in your frontend using code, while we manage session tokens and refreshing for you.