Django Request Signer provides both a client and a server component to assist in verifying that both the sending and receiving ends of a web service call can trust one another. This trust is established by allowing clients to register with the server and recieve a unique public client id and a private key.
A client will have an id and a private key which is issued by the server.
The server will store all client ids and corresponding private keys.
the private key to create a unique signature.
signature will be passed to the server in an http request.
corresponding private key.
private key to try to recreate the exact same signature as the one passed from the client.
client, the server knows it can trust the request, if not the server will respond with a Bad Request (400).