On this page
Authentication API overview
The Authentication API is new in Drupal 8.
API features
Ordered by most to least frequently used APIs:
- Authentication provider services
- Implement
\Drupal\Core\Authentication\AuthenticationProviderInterface
and use the'authentication_provider'
service tag. _auth
option on routes- The default authentication manager (see below) enables developers to limit the set of allowed authentication mechanisms to the specified subset by specifying
_auth
in a route'soptions
.
Example:_auth: ['basic_auth', 'cookie']
-
Note that this does not limit the authentication methods that will initially be applied to the request. Rather, it will deny requests for which successful authentication was performed using a method not listed.
- Authentication manager
- The authentication manager (
\Drupal\Core\Authentication\AuthenticationManager
) calls the different authentication provider services based on each service's priority. - The manager can be overridden for very advanced use cases; 99.9% of the time the default implementation should be sufficient.
- Useful Interfaces
- Drupal provides 2 additional Interfaces for advanced authentication use cases.
-
\Drupal\Core\Authentication\AuthenticationProviderFilterInterface
- This is helpful if you only want your Authentication provider to be used for certain routes and allows you to RouteMatch the request and check the route object for the options. -
\Drupal\Core\Authentication\AuthenticationProviderChallengeInterface
- This allows you to generate a challenge when access is denied for unauthenticated users. This is used by the Basic Auth module.
See also
- Routing API
- RESTful Web Services API
- The original change notice that introduced this API: Modular authentication system
- Related contributed module: OAuth
- Related contributed module: Simple OAuth (OAuth 2.0 Bearer Token)
- Related contributed module: OAuth2 Server
- Related contributed module: IP
- Related contributed module: OAuth2 JWT SSO
- Related contributed module: Key auth
Help improve this page
You can:
- Log in, click Edit, and edit this page
- Log in, click Discuss, update the Page status value, and suggest an improvement
- Log in and create a Documentation issue with your suggestion