Search code examples

Authenticating Swagger API docs (drf-yasg)

I've setup DRF-YASG but am unable to figure out how to configure it to show Views that require Authentication.

Below is the configuration.

  schema_view = get_schema_view(
        title="Swagger Doc",
        description="Test description",
        license=openapi.License(name="BSD License"),
      validators=['flex', 'ssv'],
      permission_classes=(permissions.AllowAny,),  # If I change the permission it throws an exception. See below

the public_apis are the APIs that I want a person to see after they have authenticated themselves.

With the above configuration, it does not show a single API. It only shows the Authorize Button and text that says No operations defined in spec!. But if I change public=False to public=True then it shows all the APIs.

PS: Earlier I was using Django Rest Swagger and I had been able to configure it to show the APIs only after the JWT token had been provided.

Am is using JWT for authentication.

Exception on Permission Change:

Another issue is that if I change the permission above to a DRF Permission class the rendering fails with the error below:

  Internal Server Error: /swagger/
  Traceback (most recent call last):
    File "/usr/local/lib/python3.6/site-packages/django/core/handlers/", line 41, in inner
      response = get_response(request)
    File "/usr/local/lib/python3.6/site-packages/django/core/handlers/", line 217, in _get_response
      response = self.process_exception_by_middleware(e, request)
    File "/usr/local/lib/python3.6/site-packages/django/core/handlers/", line 215, in _get_response
      response = response.render()
    File "/usr/local/lib/python3.6/site-packages/django/template/", line 107, in render
      self.content = self.rendered_content
    File "/usr/local/lib/python3.6/site-packages/rest_framework/", line 72, in rendered_content
      ret = renderer.render(, accepted_media_type, context)
    File "/usr/local/lib/python3.6/site-packages/drf_yasg/", line 54, in render
      self.set_context(renderer_context, swagger)
    File "/usr/local/lib/python3.6/site-packages/drf_yasg/", line 62, in set_context
      renderer_context['title'] =
  AttributeError: 'dict' object has no attribute 'info'
  Internal Server Error: /swagger/

I've tried changing it to permmissions.IsAuthenticated and my own custom permission classes but they all fail with the same error.


  • Turned out the issue was that I was missing rest_framework.authentication.SessionAuthentication in DRF's DEFAULT_AUTHENTICATION_CLASSES.

    So the request object sent after logging in via the Django Admin login view did not have a user so all permission classes kept failing and it would then lead to the above error.

    So after adding it drf-yasg shows all its glory.


    The error it throws when this occurs was raised as bug though. See #issue58.