Some of Django REST Framework Simple API Key’s behavior can be customized through settings variables in You can find below the default DRF_API_KEY setting.

# Django project

     "FERNET_SECRET": "",
     "API_KEY_LIFETIME": 365,
     "ROTATION_PERIOD": timedelta(days=7),

Above, the default values for these settings are shown.


The fernet key (Fernet) is used to encrypt and decrypt API Keys.

To generate a fresh fernet key, you can use the following command:

python generate_fernet_key

Make sure to store it somewhere safe and treat it as you will treat the SECRET_KEY Django setting.


Determines the validity period of a generated Api Key. The default value is 365 days.


Determines the keyword that should come with every request made to your API. The default value is Api-Key and it is used in the following format:



The ROTATION_FERNET_SECRET is a secondary Fernet key (Fernet) utilized within the MultiFernet cryptographic scheme. While the primary Fernet key (fernet_key) is used for the main encryption and decryption, the ROTATION_FERNET_SECRET plays a pivotal role during key rotation phases.

In the context of MultiFernet:

  • New tokens are encrypted using the ROTATION_FERNET_SECRET.

  • Tokens can be decrypted with either the ROTATION_FERNET_SECRET enabling a smooth key rotation without rendering existing tokens obsolete.

python generate_fernet_key

This strategic usage ensures that as you transition to a new key, older tokens encrypted with the previous key remain valid, and new tokens are encrypted using the new key. Thus, a seamless transition is achieved, enhancing security without causing disruptions.