Enabling jsonapi and rest modulesfor Drupal 8 , 9 , 10 , and 11

Home » Headless Drupal » Enabling jsonapi and rest modules
Last updated :  
8.x , 9.x , 10.x , 11.x

Introduction

In the previous lesson, we explored setting up Drupal as an API-first content delivery system. Today, we dive deeper into enabling and configuring the JSON:API and REST modules. These modules are central to transforming Drupal into a headless CMS, facilitating structured and secure data access for various front-end applications.

The Importance of JSON:API and REST Modules

Both JSON:API and REST modules serve distinct yet complementary roles in Drupal's ecosystem as a headless CMS. The REST module offers a customizable way to create endpoints based on your specific content types and operations. In contrast, the JSON:API module automates endpoint creation conforming to the JSON:API specification. This lesson will focus on both enabling these modules and understanding their basic configuration.

Step 1: Enabling the REST Module

First, ensure your Drupal installation has the REST module enabled. This module allows HTTP methods like GET, POST, PATCH, and DELETE, crucial for creating, reading, updating, and deleting data via API. There are two ways to enable it:

Using Drush

drush en rest -y

Using Admin Interface

  1. Navigate to the Extend page in the admin toolbar.
  2. Search for RESTful Web Services and select Enable.

Step 2: Configuring RESTful Endpoints

Post enabling, customize your REST configuration to meet your specific needs:

  1. Go to Configuration > Web Services > REST.
  2. Identify the content types you wish to expose (e.g., Articles or Users).
  3. Edit configurations to enable or disable HTTP methods as required.

Make sure to secure sensitive endpoints by limiting access to trusted roles under People > Permissions.

Step 3: Enabling the JSON:API Module

The JSON:API module simplifies endpoint creation, automatically mapping entities to URL-accessible APIs. Here's how to enable it:

Using Composer and Drush

composer require drupal/jsonapi
drush en jsonapi -y

Using Admin Interface

  1. Visit the Extend page.
  2. Search for JSON:API, select Enable, and save.

Step 4: JSON:API Configuration

The JSON:API module requires minimal configuration because it automatically makes all entities available via JSON:API endpoints.

By default, it supports both collections and individual operations (e.g., fetching single nodes or multiple nodes). It also supports efficient querying parameters, like filtering or sorting, making it a favorite choice for decoupling.

Testing Access to JSON:API and REST Endpoints

Before moving forward, ensure your endpoints are accessible:

Using Postman or curl

Fetch nodes using:

curl -X GET http://example.com/jsonapi/node/article

Or test via REST:

curl -X GET http://example.com/entity/node?_format=json

Replace http://example.com with your site's URL. You should receive a JSON response if correctly set up.

Considerations on Permissions and Security

For both RESTful Web Services and JSON:API modules, managing access is crucial. Set permissions under People > Permissions to control who can access or modify data. Ensure anonymous or unintended roles do not have more access than necessary to maintain security.

Conclusion and Teaser for the Next Lesson

By enabling and configuring JSON:API and REST modules, your Drupal setup is ready to serve as a dynamic backend, efficiently providing content through structured APIs. This capability is foundational to a headless configuration, supporting multi-platform delivery.

Our next lesson will cover "Configuring Cross-Origin Resource Sharing for frontend access", an important topic to ensure safe and efficient data sharing across different domains. Stay tuned as we continue to unlock the full potential of Headless Drupal!