Django Rest Framework packs with a bundle of handy permission and authentication classes to allot different permissions depending on day to day needs. But it lacks a permission to bypass the existing permission and go over without an authentication and make an open endpoint.

The is not a requirement in a typical application but I needed an open api endpoint to transfer status to a different application and all other views require authentication.

Django uses permission class to check if the user requesting has permission to the view. Permission classes uses authenticated data returned from authentication class (which authenticates user using credentials and then by session or Token) to run over the list of permissions and decided whether or not to allow the request to pass.

To make a view accessible to anonymous user you need to set the permission classes to null.

Class based view


class PublicEndpoint(APIView):

 permission_classes = []

 def get(self, request):
  return Response({'Public Endpoint'})

Functional View


from rest_framework.decorators import authentication_classes, permission_classes

@api_view(['GET'])    
@authentication_classes([])
@permission_classes([])
def items(request):
   return Response({'Public Endpoint'})