In this chapter, we will understand the difference between authentication and permissions in the Django REST framework. We will start securing our RESTful Web Service by adding requirements for authentication schemes and specifying permission policies. We will gain an understanding of:

• Understanding authentication and permissions in Django, the Django REST framework, and RESTful Web Services
• Authentication classes
• Security and permissions-related data to models
• Working with object-level permissions via customized permission classes
• Saving information about users that make requests
• Setting permissions policies
• Creating the superuser for Django
• Creating a user for Django
• Making authenticated requests
• Browsing the secured API with the required authentication
• Working with token-based authentication
• Generating and using tokens