Photo by Jason Blackeye on Unsplash


I had made a little project: a login for a Drupal site with Angular. The main point is “security” so, for the side of Angular I tried Guards, on the side of Drupal, I use the OAuth standard. You can check the Github project here

So, for now, I am going to talk about how I configured the Drupal site for protecting data with the OAuth authentication, using the Simple OAuth module. Also, some testing with PostMan for sending the token or refreshing it. 

In the angular side, I tried two approaches for “protecting” data, one simple was with Guards, and another one was, after Drupal token expires, intercept the 403 forbidden response, and send a refresh token, for update it, and be able to make a new request. 

Personally, I don't like long guides with an infinite scroll, so, please, check the table of content, and if you like any of them, check it up. Good Luck and any feedback will be welcome!

Setup Drupal For web services Integration

The logic behind Angular login with Drupal.

Postman and Drupal

Angular Login for Drupal 8

Guards in Angular

Adding authorization token in the Angular header for Drupal 8, forbidden content.

Intercept and refresh token in Angular for Drupal 8 backend

Have a good luck, and remember to check the git repository