Hello @peq42
Thank you for posting on these forums and for trying our plugin.
In regards to 2FA on REST API, we generally recommend using Application Passwords — these are supported in WordPress core and provide a secure, standard way for authenticating API requests, even when 2FA is enabled. This is a widely adopted approach, even used and recommended by the likes of Facebook and Google, for example when configuring apps on your smarthphone.
The reason is that support for a 2FA challenge in a REST API call typically needs to be implemented natively within the app making the request. So unfortunately, there isn’t really a “universal solution” for this kind of setup.
Could you share a bit more about your use case, and if there’s a specific reason why Application Passwords aren’t suitable in your case?
Also, if you’ve reached out before and didn’t get a response, we truly apologize. We do our best to reply to every message and rarely miss one, but unfortunately, sometimes it still happens.
Looking forward to hearing from you.
