JwtAuthentication is now a default in edx-platform

JwtAuthentication has been added as a default in edx-platform (i.e. LMS and CMS) for all Django Rest Framework (DRF) endpoints that don’t otherwise override the default authentication classes.

The change is in this commit.

This will eliminate the recurring issue of when a microfrontend (MFE) tries to call a newly developed edx-platform API, and it mysteriously can’t authenticate because JwtAuthentication was not available.

Note: DRF treats error responses differently for JwtAuthentication vs SessionAuthentication, so you may see a 401 where you previously saw a 403 in certain cases.

1 Like