django-trench provides a set of REST API endpoints to supplement django-rest-framework with multi-factor authentication (MFA, 2FA). It supports both standard built-in authentication methods, as well as JWT (JSON Web Token). django-trench follows the url pattern developed in djoser library and may act as its supplement.
We deliver a couple of sample secondary authentication methods including sending OTP based code by email, SMS/text as well as through 3rd party mobile apps or utilising YubiKey. Developers can easily add own auth backend supporting any communication channel.


  • Easily plugable and compatible with django-rest-framework and djoser
  • Allows user to pick an additional authentication method from range of backends defined by a developer. Read more: backends
  • Comes out of a box with email, SMS, mobile apps and YubiKey support


Supported versions

  • Python 3.4, 3.5, 3.6, 3.7
  • Django 1.11, 2.0, 2.1, 2.2
  • Django REST Framework 3.7, 3.8, 3.9
If you implement Token Based Authentication:
If you are going to use JWT authentication:

Quick Start

  1. Install the package using pip:
pip install django-trench

or add it to your requirements file.

  1. Add trench library to INSTALLED_APPS in your app settings file:
    'rest_framework.authtoken',  # In case of implementing Token Based Authentication
  1. Run migrations
Read further in: installation.


Trench uses Transifex service to translate our package into other languages.

We will appreciate your help with translation.


Demo project

You can also check our live demo.