Prefer AI-assisted setup? Use our AI prompts for Django to automatically integrate Civic Auth using Claude, ChatGPT, or other AI assistants. Includes a step-by-step video tutorial!
Important: The SDK Handles EverythingThe Civic Auth Python SDK abstracts away all token validation complexity. You do NOT need to:
- Implement custom middleware for token validation
- Parse or validate JWT tokens manually
- Handle token refresh logic yourself
Quick Start
1. Install Dependencies
uv
package manager:
2. Configure Your Django Settings
Add Civic Auth configuration to your Django settings:3. Add URL Patterns
Include the Civic Auth URLs in your project:4. Create Basic Views
Create views for your application:5. Add URL Patterns for Your Views
6. Run Your Django App
http://localhost:8000
and click the login link to test authentication.
How It Works
Authentication Flow
- User visits
/auth/login
- starts the login process - User authenticates with Civic
- User gets redirected to
/auth/callback
- completes authentication - User can now access protected views
Available Routes
/auth/login
- Start authentication/auth/callback
- Handle OAuth callback (auto-created)/auth/logout
- Sign out user
Working with User Data
The authenticated user is available viarequest.civic_user
as a dictionary:
Protecting Views
Use the@civic_auth_required
decorator to protect views:
Template Usage
Access the user in Django templates:Django REST Framework
For API views with Django REST Framework:Complete Example
Here’s a complete working Django project structure:Configuration Options
Field | Required | Description |
---|---|---|
client_id | Yes | Your Civic Auth Client ID from auth.civic.com |
redirect_url | Yes | Where Civic redirects after authentication (must be absolute URL) |
post_logout_redirect_url | Yes | Where users go after logout (must be absolute URL) |
Note:
redirect_url
and post_logout_redirect_url
must be absolute URLs.Next Steps
- Get your Client ID: Sign up at auth.civic.com
- Replace
YOUR_CLIENT_ID
with your actual client ID - Update URLs when deploying to production
- Add more protected views as needed
- Create templates for better user experience
Authentication Flows
Civic Auth supports multiple OAuth 2.0 authentication methods to provide maximum security for different application architectures.Need client secret authentication? Civic Auth supports PKCE-only, client secrets, and hybrid PKCE + client secret approaches. See our Authentication Flows guide for detailed comparison.