JWT Authorization Header not Processed

I’m working on the Ultimate Django Series, Part 2. I’m in the Securing APIs section, video 9 - Getting the Current User.

  • I have JWT authentication setup
  • I have created 3 users (one being the superuser)
  • I have set tokens to last 1 day and have tokens for all users
  • I have a browser extention to add headers (simple-modify-headers for Firefox) and have tried all 3 users tokens
  • When I hit http://localhost:8000/auth/users/me/ I get 403 Forbidden with the error message “Authentication credentials were not provided.”
  • When I hit http://localhost:8000/app/list and print headers in this unprotected route in my app, I find my Authorization: JWT access_token_value header present

What could be have such that the header is detected in my app, but it is not being processes/detected properly to identify a user?

Anyone have ideas - this is really frustrating - I can see the header is present when handling my views, but the user is not detected. I just created the token.

I had an error in my settings file.