JWT Authentication for WP REST API
Extends the WP REST API using JSON Web Tokens Authentication as an authentication method.
Overview
Compatibility
Installation instructions
Customer support & learning resources
Changelog
Main benefits
Secure token-based authentication
Supports WP REST API
Customizable token settings
Easy token validation
CORS support available
About this plugin
Author: Tmeister
Categories: Integration and APIs
Version: 1.3.4
Last updated: 11-09-2023
WordPress version: 4.2
Tested up to: 6.3.5
PHP version required: 7.4.0
Languages:
Tags:
Learning resources: View resources
Overview
The "wp-api-jwt-auth" is a WordPress plugin designed to enhance the WP REST API V2 by incorporating JSON Web Tokens (JWT) as an authentication method, ensuring secure and efficient credential validation between clients and the server. JSON Web Tokens, adhering to the industry-standard RFC 7519, facilitate secure transmission of claims. The plugin requires WP REST API V2 and PHP 7.4 or higher, with specific configurations to enable HTTP Authorization Headers. Key functionalities include generating and validating tokens through endpoints, storing tokens securely, and integrating them into API calls for authentication. For developers, it offers various filters to customize token generation and validation processes, and supports CORS configurations. The plugin's source is maintained on GitHub, where users can also seek support and contribute.
Secure Authentication
- Uses JSON Web Tokens (JWT) for secure authentication.
- JWTs are an open, industry-standard method for representing claims securely between two parties.
- Ensures that user credentials are validated and securely transmitted.
Easy Integration
- Extends the WP REST API V2 plugin features.
- Simple configuration steps to set up secret keys and enable CORs support.
- Provides clear instructions for enabling HTTP Authorization Header.
Developer Friendly
- Offers multiple hooks to customize default settings.
- Allows modification of token data before encoding and signing.
- Supports changing the signing algorithm and token expiration settings.
Comprehensive Endpoints
- Adds new namespace and endpoints for token generation and validation.
- Provides endpoints to validate user credentials and return tokens.
- Includes helper endpoint to validate tokens easily.