.../modules/rest/src/Entity/ConfigDependencies.php | 10 +++---
 .../modules/rest/src/Entity/RestResourceConfig.php | 37 ++++++----------------
 .../rest/src/RestResourceConfigInterface.php       | 35 ++------------------
 core/modules/rest/src/Routing/ResourceRoutes.php   |  4 +--
 core/modules/rest/src/Tests/RESTTestBase.php       |  4 ++-
 core/modules/rest/src/Tests/ResourceTest.php       | 18 +++++++----
 6 files changed, 34 insertions(+), 74 deletions(-)

diff --git a/core/modules/rest/src/Entity/ConfigDependencies.php b/core/modules/rest/src/Entity/ConfigDependencies.php
index cbdbd00..a628aa8 100644
--- a/core/modules/rest/src/Entity/ConfigDependencies.php
+++ b/core/modules/rest/src/Entity/ConfigDependencies.php
@@ -80,7 +80,7 @@ protected function calculateDependenciesForMethodGranularity(RestResourceConfigI
       }
 
       // Add dependencies based on the supported authentication providers.
-      foreach ($rest_config->getSupportedAuthenticationProviders($request_method) as $auth) {
+      foreach ($rest_config->getAuthenticationProviders($request_method) as $auth) {
         if (isset($this->availableRestAuthentications[$auth])) {
           $module_name = $this->availableRestAuthentications[$auth];
           $dependencies['module'][] = $module_name;
@@ -153,11 +153,13 @@ public function onDependencyRemoval(RestResourceConfigInterface $rest_config, ar
             }
           }
           foreach ($removed_auth as $auth) {
-            if (in_array($auth, $rest_config->getSupportedAuthenticationProviders($request_method))) {
-              $rest_config->removeSupportedAuthenticationProvider($request_method, $auth);
+            if (in_array($auth, $rest_config->getAuthenticationProviders($request_method))) {
+              $rest_config = array_filter($rest_config[$request_method]['supported_auth'], function ($val) use ($auth) {
+                return ($val != $auth);
+              });
             }
           }
-          if (empty($rest_config->getSupportedAuthenticationProviders($request_method)) ){
+          if (empty($rest_config->getAuthenticationProviders($request_method)) ){
             // Remove the key if there are no more authentication providers
             // supported by this request method.
             unset($configuration[$request_method]['supported_auth']);
diff --git a/core/modules/rest/src/Entity/RestResourceConfig.php b/core/modules/rest/src/Entity/RestResourceConfig.php
index 795e2e8..1d505c2 100644
--- a/core/modules/rest/src/Entity/RestResourceConfig.php
+++ b/core/modules/rest/src/Entity/RestResourceConfig.php
@@ -139,43 +139,24 @@ protected function getMethodsForMethodGranularity() {
   /**
    * {@inheritdoc}
    */
-  public function getSupportedAuthenticationProviders($method) {
-    $method = $this->normalizeRestMethod($method);
-    if (in_array($method, $this->getMethods()) && isset($this->configuration[$method]['supported_auth'])) {
-      return $this->configuration[$method]['supported_auth'];
-    }
-    return [];
-  }
-
-  /**
-   * {@inheritdoc}
-   */
-  public function addSupportedAuthenticationProvider($method, $auth) {
-    $method = $this->normalizeRestMethod($method);
-    if (!in_array($method, $this->getMethods())) {
-      $this->configuration[$method] = ['supported_auth' => []];
-    }
-    if (!isset($this->configuration[$method]['supported_auth'])){
-      $this->configuration[$method]['supported_auth'] = [];
+  public function getAuthenticationProviders($method) {
+    if ($this->granularity === 'method') {
+      return $this->getAuthenticationProvidersForMethodGranularity($method);
     }
-    if (!in_array($auth, $this->configuration[$method]['supported_auth'])) {
-      $this->configuration[$method]['supported_auth'][] = $auth;
+    else {
+      // @todo Add resource-level granularity support in https://www.drupal.org/node/2721595.
     }
-    return $this;
   }
 
   /**
    * {@inheritdoc}
    */
-  public function removeSupportedAuthenticationProvider($method, $auth) {
+  public function getAuthenticationProvidersForMethodGranularity($method) {
     $method = $this->normalizeRestMethod($method);
-    if ($this->getSupportedAuthenticationProviders($method)) {
-      $new_auth = array_filter($this->configuration[$method]['supported_auth'], function ($val) use ($auth) {
-        return ($val != $auth);
-      });
-      $this->configuration[$method]['supported_auth'] = $new_auth;
+    if (in_array($method, $this->getMethods()) && isset($this->configuration[$method]['supported_auth'])) {
+      return $this->configuration[$method]['supported_auth'];
     }
-    return $this;
+    return [];
   }
 
   /**
diff --git a/core/modules/rest/src/RestResourceConfigInterface.php b/core/modules/rest/src/RestResourceConfigInterface.php
index 6fa2e1a..037b858 100644
--- a/core/modules/rest/src/RestResourceConfigInterface.php
+++ b/core/modules/rest/src/RestResourceConfigInterface.php
@@ -27,44 +27,15 @@ public function getResourcePlugin();
   public function getMethods();
 
   /**
-   * Retrieves a list of supported authentication mechanisms
-   *   for a specific request method.
+   * Retrieves a list of supported authentication providers.
    *
    * @param string $method
    *   The request method e.g GET or POST.
    *
    * @return string[]
-   *   An array of supported authentication provider plugin id's
+   *   A list of supported authentication provider IDs.
    */
-  public function getSupportedAuthenticationProviders($method);
-
-  /**
-   * Add the specified authentication provider to
-   *   the list of supported authentication providers
-   *   for the given request method.
-   *
-   * @param string $method
-   *   The request method e.g GET or POST.
-   * @param string $auth
-   *   An authentication provider plugin id.
-   *
-   * @return $this
-   */
-  public function addSupportedAuthenticationProvider($method, $auth);
-
-  /**
-   *  Remove the specified authentication provider from
-   *   the list of supported authentication providers
-   *   for the given request method.
-   *
-   * @param string $method
-   *   The request method e.g GET or POST.
-   * @param string $auth
-   *   An authentication provider plugin id.
-   *
-   * @return $this
-   */
-  public function removeSupportedAuthenticationProvider($method, $auth);
+  public function getAuthenticationProviders($method);
 
   /**
    * Retrieves a list of supported formats for a specific request method.
diff --git a/core/modules/rest/src/Routing/ResourceRoutes.php b/core/modules/rest/src/Routing/ResourceRoutes.php
index ff119eb..e64b3f7 100644
--- a/core/modules/rest/src/Routing/ResourceRoutes.php
+++ b/core/modules/rest/src/Routing/ResourceRoutes.php
@@ -94,7 +94,7 @@ protected function getRoutesForResourceConfig(RestResourceConfigInterface $rest_
         $route->setRequirement('_access_rest_csrf', 'TRUE');
 
         // Check that authentication providers are defined.
-        if (empty($rest_resource_config->getSupportedAuthenticationProviders($method))) {
+        if (empty($rest_resource_config->getAuthenticationProviders($method))) {
           $this->logger->error('At least one authentication provider must be defined for resource @id', array(':id' => $rest_resource_config->id()));
           continue;
         }
@@ -114,7 +114,7 @@ protected function getRoutesForResourceConfig(RestResourceConfigInterface $rest_
 
         // The configuration seems legit at this point, so we set the
         // authentication provider and add the route.
-        $route->setOption('_auth', $rest_resource_config->getSupportedAuthenticationProviders($method));
+        $route->setOption('_auth', $rest_resource_config->getAuthenticationProviders($method));
         $route->setDefault('_rest_resource_config', $rest_resource_config->id());
         $collection->add("rest.$name", $route);
       }
diff --git a/core/modules/rest/src/Tests/RESTTestBase.php b/core/modules/rest/src/Tests/RESTTestBase.php
index 41a4ea3..73d1246 100644
--- a/core/modules/rest/src/Tests/RESTTestBase.php
+++ b/core/modules/rest/src/Tests/RESTTestBase.php
@@ -289,9 +289,11 @@ protected function enableService($resource_type, $method = 'GET', $format = NULL
       if (!is_array($auth) || empty($auth)) {
         $auth = $this->defaultAuth;
       }
+      $configuration = $resource_config->get('configuration');
       foreach ($auth as $auth_provider) {
-        $resource_config->addSupportedAuthenticationProvider($method, $auth_provider);
+        $configuration[$method]['supported_auth'][] = $auth_provider;
       }
+      $resource_config->set('configuration', $configuration);
       $resource_config->save();
     }
     else {
diff --git a/core/modules/rest/src/Tests/ResourceTest.php b/core/modules/rest/src/Tests/ResourceTest.php
index c00035d..6ddc07c 100644
--- a/core/modules/rest/src/Tests/ResourceTest.php
+++ b/core/modules/rest/src/Tests/ResourceTest.php
@@ -44,13 +44,17 @@ protected function setUp() {
    * Tests that a resource without formats cannot be enabled.
    */
   public function testFormats() {
-    /** @var \Drupal\rest\RestResourceConfigInterface $resource_config */
-    $resource_config = $this->resourceConfigStorage->create(['id' => 'entity__entity_test', 'granularity' => 'method', 'configuration' => []]);
-    // Attempt to enable the resource.
-    $resource_config
-      ->addSupportedAuthenticationProvider('GET', 'basic_auth')
-      ->save();
-    $this->rebuildCache();
+    $this->resourceConfigStorage->create([
+      'id' => 'entity__entity_test',
+      'granularity' => 'method',
+      'configuration' => [
+        'GET' => [
+          'supported_auth' => [
+            'basic_auth',
+          ],
+        ],
+      ],
+    ])->save();
 
     // Verify that accessing the resource returns 406.
     $response = $this->httpRequest($this->entity->urlInfo()->setRouteParameter('_format', $this->defaultFormat), 'GET');