WordPress REST API Authentication

Omschrijving

WordPress REST API Authentication plugin secures the unauthorized access to your WordPress site using different authentication credentials verification. This plugin doesn’t requires much configuration.

There are multiple ways to secure a RESTful API e.g. basic auth, OAuth etc. but one thing is sure that RESTful APIs should be stateless – so request authentication/authorization should not depend on cookies or sessions. Instead, each API request should come with some sort authentication credentials which must be validated on the server for each and every request.

REST API Authentication Methods:
* Basic Authentication
1. Using Username & Password
2. Using Client-ID & Client-Secret
* API Key Authentication (Authentication with Randomly Generated Key )
* OAuth 2.0 Authentication
1. Client Credentials
2. Password grant
* API Authentication for Third Party Provider( using Introspection Endpoint / User Info Endpoint )
* Access Token Authentication
* JWT Token / ID Token Authentication

FEATURES:
* Supports Basic Auth (Basic Authentication), API Key, OAuth 2.0, JWT Authentication methods
* Allows to access all type of posts/pages based on User’s WordPress Role & Capability
* Allows to Authenticate your WordPress site / REST API with token (access token / jwt token) provided by your OAuth Provider ( Third Party Provider )
* Supports WooCommerce API Authentication

Privacy

This plugin does store any user data.

Schermafdrukken

  • Add your application

Installatie

This section describes how to install the plugin and get it working.

From your WordPress dashboard

  1. Visit Plugins > Add New
  2. Search for oauth. Find and Install api authentication plugin by miniOrange
  3. Activate the plugin

From WordPress.org

  1. Download WordPress REST API Authentication.
  2. Unzip and upload the wp-rest-api-authentication directory to your /wp-content/plugins/ directory.
  3. Activate miniOrange OAuth from your Plugins page.

FAQ

What is the use of API Authentication

The REST API authentication prevents the unauthorized access to your WordPress API’s.
It reduces potential attack factors

How does this plugin work?

You just have to select your Authentication Method.
Based on the method you have selected you will get the authorization code/token after sending the token request.
Access your REST API with code/token you received in previous step.

How to access draft posts?

You can access draft posts using Basic Auth, OAuth 2.0(using Username:Password) methods. Pages/posts are need to access with the status. Default status used in request is ‘Publish’ and any user can access Published post.
To access the pages/posts stored in draft, you need to append the ?status=draft to the page/post request.
For Example:
You need to use below URL format while sending request to access different type of posts
1. Access draft posts only
https://localhost:8080/wp-json/wp/v2/posts?status=draft
2. Access all type of posts
https://localhost:8080/wp-json/wp/v2/posts?status=any
You just have to change the status(draft, pending, any, publish) as per your requirement. You do not have to pass status parameter to access Published posts.

Beoordelingen

9 september 2019
Hi, I am using this plugin to connect my Mobile apps (iOS and Android) to WordPress using WP REST API's. This plugin did the job and has ton of great features. But what's really the best is level of support you get if run into an issue. I literally had a human talking to me and helping setting up this end to end. Keep up the good work.
Lees 1 beoordeling

Bijdragers & ontwikkelaars

“WordPress REST API Authentication” is open source software. De volgende personen hebben bijgedragen aan deze plugin.

Bijdragers

Changelog

1.1.1

  • Fixes to Create, Posts, Update Publish Posts

1.1.0

  • Updated UI and features
  • Added compatibility for WordPress version 5.2.2
  • Added support for accessing draft posts as per User’s WordPress Role Capability
  • Allowed Logged In Users to access posts through /wp-admin Dashboard

1.0.2

  • Added Bug fixes

1.0.0

  • Updated UI and features
  • Added compatibility for WordPress version 5.2.2