Title: Rest API Authentication Last modified: June 30, 2020 --- # Rest API Authentication * Resolved [jachenry](https://wordpress.org/support/users/jachenry/) * (@jachenry) * [5 years, 11 months ago](https://wordpress.org/support/topic/rest-api-authentication-2/) * Now that this plugin supports generating a new jwt based on the users email/password, do you have any plans for adding the ability to authenticate calls to the rest api endpoints? * Currently we are using **JWT Authentication for WP-API** plugin for authenticating calls to the rest api endpoints but it’d be great to use your plugin for generating and authenticating jwts. * Here is our workflow: * **Anonymous** – Unauthenticated calls to rest api endpoints expose wordpress posts/pages as if an anonymous user was visiting the site – Authorization Bearer Header is NOT supplied to rest api calls making it so only public content is returned * **Authenticated** – User authenticates via `https://{{Domain}}/wp-json/jwt-auth/ v1/token` and is given a jwt (synonymous with your `/auth` endpoint) – Authorization Bearer Header is supplied to rest api calls allowing for json to include protected content. Middleware is in place to detect Authorization header and immediately set the user before proceeding. * I believe the only thing your plugin is missing is the ability to set the user id prior to processing the rest endpoint. Is this correct or am I missing something? Viewing 5 replies - 1 through 5 (of 5 total) * Plugin Author [Nicu Micle](https://wordpress.org/support/users/nicu_m/) * (@nicu_m) * [5 years, 11 months ago](https://wordpress.org/support/topic/rest-api-authentication-2/#post-13054715) * Hello, * Thank you for suggesting new features to this plugin. * To understand better, you want to set the userID ( create a user session, as the user is logged in in WordPress ) when you call the `/auth` endpoint? * Best regards, Nicu. * Thread Starter [jachenry](https://wordpress.org/support/users/jachenry/) * (@jachenry) * [5 years, 11 months ago](https://wordpress.org/support/topic/rest-api-authentication-2/#post-13054794) * Nicu – * Not quite. I was wondering if you had any plans to work similar to [https://github.com/WP-API/jwt-auth](https://github.com/WP-API/jwt-auth). Where in addition to providing an `/auth` endpoint for generating a jwt, you also intercept and validate jwt tokens supplied to the rest api endpoints. * There are other plugins that already handle this sort of authentication like the link posted above. Just seems like the last piece needed to make your plugin the one stop shop for rest-api authentication. authentication/registration/single- sign-on. * Jacob * Plugin Author [Nicu Micle](https://wordpress.org/support/users/nicu_m/) * (@nicu_m) * [5 years, 11 months ago](https://wordpress.org/support/topic/rest-api-authentication-2/#post-13054854) * Hello, * I will have a look over what you have sent me and I will come back with updates. * Best regards, Nicu. * Plugin Author [Nicu Micle](https://wordpress.org/support/users/nicu_m/) * (@nicu_m) * [5 years, 10 months ago](https://wordpress.org/support/topic/rest-api-authentication-2/#post-13138440) * Hello, * I’ve just released version `2.2.5`. In this version, it is included a beta version for accessing private content via API. * Just update the plugin, go to general, check the checkbox for Allowing access to private content, and you will be able to make requests on private endpoints. * Also, the JWT can be added in URL, session, cookie, or header. * Let me know if this fits your needs. * Best regards, Nicu. * Thread Starter [jachenry](https://wordpress.org/support/users/jachenry/) * (@jachenry) * [5 years, 10 months ago](https://wordpress.org/support/topic/rest-api-authentication-2/#post-13153206) * Hey Nicu! * I was able to verify this on one of my api endpoints. If jwt was supplied, the authenticated version of the content was returned. * Thanks so much! * Jacob Viewing 5 replies - 1 through 5 (of 5 total) The topic ‘Rest API Authentication’ is closed to new replies. * ![](https://ps.w.org/simple-jwt-login/assets/icon-256x256.png?rev=2106097) * [Simple JWT Login – Allows you to use JWT on REST endpoints.](https://wordpress.org/plugins/simple-jwt-login/) * [Frequently Asked Questions](https://wordpress.org/plugins/simple-jwt-login/#faq) * [Support Threads](https://wordpress.org/support/plugin/simple-jwt-login/) * [Active Topics](https://wordpress.org/support/plugin/simple-jwt-login/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/simple-jwt-login/unresolved/) * [Reviews](https://wordpress.org/support/plugin/simple-jwt-login/reviews/) * 5 replies * 2 participants * Last reply from: [jachenry](https://wordpress.org/support/users/jachenry/) * Last activity: [5 years, 10 months ago](https://wordpress.org/support/topic/rest-api-authentication-2/#post-13153206) * Status: resolved