Secure Your WordPress REST API with JWT Authentication: A Step-by-Step Guide | WordPress | E2
Вставка
- Опубліковано 21 жов 2022
- jwt authentication
iwt token
jwt token authentication web api
jwt tutorial
In this video, we'll be exploring how to set up JWT authentication for the WordPress REST API. JWT authentication is a secure and efficient method for protecting your API endpoints and ensuring that only authorized users can access your data. We'll walk you through the steps of installing and configuring the JWT Authentication plugin, generating access tokens, and using them to access the WordPress REST API. You'll learn how to set up JWT authentication for your WordPress site and use it to protect your API endpoints. By the end of this video, you'll have a solid understanding of how to set up JWT authentication for the WordPress REST API and keep your site secure.
SUBSCRIBE NOW: lnkd.in/gs3i6Me
Links:
======================
Gutenberg Tips: thewpvoyage.com/
WP CLI Playlist: • Let's Learn WordPress ...
Rest Authentication: developer.wordpress.org/rest-...
Create Post API: developer.wordpress.org/rest-...
JWT Auth Pluign: wordpress.org/plugins/jwt-aut...
Twitter: / buntywp
Instagram: / buntywp
#wordpress #WordPress #buntywp #BuntyWP #php #PHP #api #restapis #restapi #wprestapi #jwtauthentication #authentication - Наука та технологія
Thanks for watching! Don't forget to subscribe and follow me on Twitter and Instagram. Links are in the description.
It is such a clear tutorial on this specific topic. Thanks !
I am glad to know that this was helpful to you.
THANK YOU SO MUCH BRO YOU'RE A LIFE SAVER!
Thank you for your kind words. Hope this was helpful.
Really help to me. Thanks a lot.
Thank you for your kind words
Thx men ! it's perfect :)
Most welcome. Hope you have subscribed the channel ;)
@@BuntyWP Now yes haha !
@@AlexandreSoete Thanks buddy
salvou minha vida man obg!
Obrigado. Espero que tenha sido útil
Good video thanks! Do you know if cookie authentication works for remote apps, or do we have to have other authentication methods (like JWT) for a remote app to connect to WP API? Basically I have a react app for which I want the users who are logged in to the WP site (and thus have a WP logged in cookie set), to be able to make calls to this WP API from our react app.
Coockie authentication is available, but I think we can't use for Apps. It's better to use this JWT Or Auth for your React app.
You can read the article at here about authentication developer.wordpress.org/rest-api/using-the-rest-api/authentication/#authentication-plugins
This is brilliant.
Are you planning to publish a tutorial that shows how to make orders via API on a WooCommerce-powered WordPress website?
Am
Currently, there is no such plan.
Really useful info. Maybe you can create a Gutenberg swiper slider block tutorial (or slick.js ) ?
Thank you for the suggestion. I will try this. Currently I am also in a learning curve of building blocks.
@@BuntyWP Same here. It is very different and somewhat harder than doing it with ACF. Need to study React JS alongside.
@@codingtostopprocrastinatio9748 According to me making blocks with ACF is very simple. We don't need react for that. I've already made tutorial on that.
hello brother
it's great information video.
but,
Wocommerace no data Get ma Error ave che. please can you help me?
It would be great if you provide more details like which API you are trying? What error you are getting?
Superb buddy, You cleared my way to go ahead. Let me buy a beer for you 😀
Thanks for your kind words. I am glad this is helpful to you.
Can we do it without an additional plugin for authentication ?
You mean JWT token without plugin? OR different type of authentication?
We can do anything, but it will require a custom code.
@@BuntyWP Yes, i meant without the plugin. Ty for answer.
I followed the same process but was not able to create a post via api
What are you getting in the response?
hi how to put attention on get request?
*Authentication
Check out this video ua-cam.com/video/wIk4k5dytcg/v-deo.html
i followed all steps but token is not generating . when i paste the link i get 404 error
Make sure you set the permalink. from the backend.
id yoursiteurl/wp-json showing 404 too?
It worked well for me to generate the token but when I try to create a post or just request the validate endpoint I get the following error, any thoughts?
{
"code": "jwt_auth_bad_config",
"message": "JWT is not configured properly, please contact the admin",
"data": {
"status": 403
}
}
I hope you are creatng post with user who has access to create post.
Also make sure you define the JWT_AUTH_SECRET_KEY in the wp-config.php
Sometimes you have to enable CORS. Try defining JWT_AUTH_CORS_ENABLE in the wp-config
Good day pls how can i authenticate an an api by verifying the current user is logged in without the use of plugins. Pls I need your help, anybody with such will also be appreciated
May be coockie auth might helpful developer.wordpress.org/rest-api/using-the-rest-api/authentication/#cookie-authentication
But most recommended way is to authentication.
WP's official document recommends that developer.wordpress.org/rest-api/using-the-rest-api/authentication/#authentication-plugins
@@BuntyWP pls sir I don't know how to go about it pls🙏🙏 can you register rest api endpoint that has callback to get current user and a permission callback to check if the user is lodged in. I really appreciate it if you show the code on how to embark on such task
@@tochukwuokafor1251 For that you hve to use any authentication only. WP has no such API which does that.
So from Authentication plugin, you will get a token as shown in this video. Token is an identifier of that user, by which WP determines which user is that.
One token is generated, you can use permission callback like shown here ua-cam.com/video/id1FFLZT5oE/v-deo.html
I would suggest you to go through my WP REST API playlist, your concept will be clear about this.
I've added Playlist URL in the description.
@@BuntyWP okay I can see that you can pass a bearer token to check if user is logged in from the post man. Now my question is there a way to pass the bearer token into the wp rest api URL (may be in the headers or URL query params) for someone to consume on the frontend(react)
@@tochukwuokafor1251 Yes, you can pass it to header like this prnt.sc/ly0Fm1oAFrem
I am not sure how to pass header in react, but I hope you get the idea. Let me know if that helps
This plugin has not been updated in 8 months? Kind of worried to use this plugin for a large project
Well, if it is not updated, doesn't mean it is vulnerable. But you can anyways contact the plugin author.
@@BuntyWP Is it still working well for you?
@@wotwot2 Yes. Are you having any trouble using this?
@@BuntyWP I have not yet tried, I was just a bit worried that it may have been breaking sites due to compatibility issues because of lack of updates. If it is still working well for you, I will give it a shot :)
@@wotwot2 Yep, just try it.
I tried generating the jwt auth token via postman but it is giving error -
{
"code": "rest_no_route",
"message": "No route was found matching the URL and request method.",
"data": {
"status": 404
}
}
Make sure you do correct URL, JWT plugin active, add constant in wp-config and your permalink is set.
@@BuntyWP I followed the all above process but still not able to create a post via api
@@srai2154 @buntyWP I too having this same issue
Make sure to save permalinks
@@BuntyWP No luck :( Still there is the same issue