Last updated February 21, 2020

When you create a fully decoupled application, the code in your application can't rely on things like same-origin policy and the browser's use of cookies in order to authenticate requests. Instead, you need to use alternative methods like HTTP authentication, or better yet, OAuth.

In this tutorial we'll:

  • Install the Simple OAuth Drupal module, and configure it to work with a password grant flow in order to allow our code to exchange a username and password for an access token
  • Demonstrate how to use an access token to make authenticated requests

By the end of this tutorial you should know how to install and configure the Simple OAuth module and make authenticated API requests using an OAuth password grant flow.