Articles
This tutorial was originally published on Web Wash. However, Berdir asked if I could post the tutorial here, so here it is.
The module in Drupal 7 allows you to store code samples/snippets in a field. It comes with a customizable field called “Snippets field” and displays three form elements: description, source code, and syntax highlighting mode (which programming language).
But now it's time to upgrade the module to Drupal 8.
Drupal’s online documentation is © 2000-2020 by the individual contributors and can be used in accordance with the Creative Commons License, Attribution-ShareAlike 2.0. PHP code is distributed under the GNU General Public License.
Overview
Drupal 8 comes with a large library of base classes that allow you to work with your own content. When it comes to content entities, you want to use fields. It is important to understand Fields, as this is where your entities store their data.
FieldTypes
Main field types:
Drupal’s online documentation is © 2000-2020 by the individual contributors and can be used in accordance with the Creative Commons License, Attribution-ShareAlike 2.0. PHP code is distributed under the GNU General Public License.
Authentication for CRUD Operations with JSON:API
When interacting with the JSON:API, tools such as Postman or cURL can be used to send requests. By default, requests made through these tools are treated as coming from an "anonymous" user, since they do not inherently manage user authentication. As a result, access to certain resources may be restricted based on the permissions configured for anonymous users in your Drupal site.
If you are looking to protect/restrict access to your Drupal REST APIs using your Identity provider, then you should go for the External Identity Provider Authentication method.
Drupal API Authentication using an External Identity Provider involves the use of tokens received from third-party providers like Google, Azure AD, Keycloak, Okta, Gitlab, etc. for accessing Drupal rest APIs securely.
The Drupal API Authentication module works by sending a JWT token along with your API requests for authentication. This module uses JSON Web Token (JWT), an open standard for securely representing user identity during two-party interactions.
In this step, essentially, a username and password of your Drupal site are used to first get a JWT token. Once the username and password are verified, the Drupal REST API Authentication module will create a signed JSON Web Token. Then, the API will return that token back to the client application.
OAuth (Open Authorization) is an open standard for token-based authentication and authorization protocol that can be used to provide single sign-on (SSO). OAuth allows particular information about an end user's account to be used by third-party services, such as Facebook, etc without exposing the user's password. It acts as an intermediary on behalf of the end user, providing the service with an access token that authorizes specific account information to be shared.
API Key Authentication is one of the simplest methods to protect Drupal REST APIs. Once you have generated API Keys for all your users, you can then use those keys to secure access to your Drupal REST APIs.
Basic Authentication is a very simple and straight-forward Authentication method. The client sends HTTP requests with an Authorization header that contains a base64-encoded username and password of your Drupal site.