Why Django Swagger is not showing docs for urls that has permissions IsAuthenticated?

Question

In my api default permmision class is 'rest_framework.permissions.IsAuthenticated' and django swagger is not showing docs for any url.

My REST_FRAMEWORK settings is:

REST_FRAMEWORK = {
    'DEFAULT_PERMISSION_CLASSES': ('rest_framework.permissions.IsAuthenticated',),

    'DEFAULT_AUTHENTICATION_CLASSES': (
         'rest_framework.authentication.TokenAuthentication',
    )
}

And my swagger_settings is :

SWAGGER_SETTINGS = {
    'USE_SESSION_AUTH': False,
    'SECURITY_DEFINITIONS': {
        'api_key': {
            'type': 'apiKey',
            'in': 'header',
            'name': 'Authorization'
        }
    },

So how can I show authenticated endpoints in django swagger.

Answer 1

This topic actually established a great discussion in GitHub. It seems like you are trying to access views that have IsAuthenticated as permission classes and likely they're forbidden if you're not authenticated yet.

You can just add rest_framework.authentication.SessionAuthentication in your DRF settings, in order to make those endpoints accessible via Swagger:

REST_FRAMEWORK = {
    'DEFAULT_PERMISSION_CLASSES': ('rest_framework.permissions.IsAuthenticated',),

    'DEFAULT_AUTHENTICATION_CLASSES': (
         'rest_framework.authentication.TokenAuthentication',
         'rest_framework.authentication.SessionAuthentication
    )
}