REST API Authentication for Joomla

The REST API Authentication plugin for Joomla provides security against unauthorised access to your Joomla REST APIs. It provides you with a variety of authentication methods like API key authentication, OAuth 2.0 authentication, JWT authentication, Authentication with an External IDP/Third Party Provider using Introspection Endpoint etc. Choose the best fit for your environment and provide secure REST API authentication in communication between your client and the service application.

REST API Authentication for Joomla

Features

Role based access to Joomla REST APIs

Based on user's Joomla roles/capabilities users can get access to his Joomla Dashboard and other REST APIs for that site.

Signature Validation

Provide the Signature Verification and Validation along with JWT Token Validation. Also, an option to select the Signing Algorithm to validate the JWT token.

Custom Token Expiry

Default token expiry time provided is 1 hour. Using this feature admin can change the token expiry date as per his requirement.

Exclude REST APIs

Default all the Joomla REST APIs will be protected. Using this feature admin can make some APIs to publicly accessible without authentication.

Custom Header

Default Authorization Header will be used to authenticate the requests. Using this feature admin can change Authorization header to any other header accordingly.

Supported Methods

Basic Authentication

Basic Authentication

If you want to protect your Joomla REST APIs (e.g. posts, pages, and other REST APIs) with users' login credentials or client-id:client-secret, then you can opt for this method. It is recommended that you use this method on HTTPS or Secure Socket Layer.

API Key Authentication

If you want to protect your Joomla REST APIs from unauthenticated users but you don’t want to share the users' login credentials or client id, then you can use API Key authentication, which will generate a random authentication key for you. Using this key, you can authenticate any REST API on your site.

API Key Authentication
JWT Authentication

JWT Authentication

If you are looking to protect your REST APIs using the JWT token and if you do not have any third-party provider that issues the JWT token, then you should go for the JWT Authentication method. In this case, our Joomla REST API Authentication itself issues the JWT token and works as an API Authenticator to protect your REST APIs.

OAuth 2.0 Authentication

If you are looking for protecting your REST APIs using the access-token and at the same time you do not have any third party provider/identity provider, then you should go for OAuth 2.0 Authentication method. In this scenario, our Joomla REST API Authentication works as both OAuth Server and API Authenticator to protect your REST APIs.

OAuth 2.0 Authentication
Third Party Provider Authentication

Third Party Provider Authentication

If you are looking for protecting/restricting access to your Joomla REST APIs using your OAuth Provider/Identity provider, then you should go for Third Party Provider Authentication method. Here, you just need to configure the plugin with Introspection Endpoint/User Info Endpoint provided by your Identity Provider and you will be able to authenticate the API Request using the token provided by your provider application.

Joomla Customization

Customization Services

We also provide efficient Joomla customization services, where we develop state of the art plugins and extensions for Joomla with custom modifications to cater to all your needs. miniOrange is extremely experienced and efficient in Joomla development and can develop and customize multiple Joomla features to secure Joomla sites and applications.

Please click here for our EULA.

Hello there!

Need Help? We are right here!

support