Drupal REST Authentication

The Drupal API Authentication module works by sending a JWT token along with your API requests for authentication. This module uses JSON Web Token (JWT), an open standard for securely representing user identity during two-party interactions.

In this step, essentially, a username and password of your Drupal site are used to first get a JWT token. Once the username and password are verified, the Drupal REST API Authentication module will create a signed JSON Web Token. Then, the API will return that token back to the client application.

OAuth (Open Authorization) is an open standard for token-based authentication and authorization protocol that can be used to provide single sign-on (SSO). OAuth allows particular information about an end user's account to be used by third-party services, such as Facebook, etc without exposing the user's password. It acts as an intermediary on behalf of the end user, providing the service with an access token that authorizes specific account information to be shared.