Search Results :
Ă—We have provided below Authentication Methods in our WordPress plugin.
1. Username:Password
2. Client-ID:Client-Secret
1. Password Grant
2. Client Credentials Grant
Applications/Use-Cases:
Basic Authentication:
Request: GET https://<domain-name>/wp-json/wp/v2/posts
Header: Authorization : Basic base64encoded <username:password >
Sample request: GET https://<domain-name>/wp-json/wp/v2/posts
Header: Authorization : Basic eGw2UllOdFN6WmxKOlNMRWcwS1ZYdFVrbm5XbVV2cG9RVFNLZw==
Request: GET https://<domain-name>/wp-json/wp/v2/posts
Header: Authorization : Basic base64encoded <client-id:client-secret>
Sample request: GET https://<domain-name>/wp-json/wp/v2/posts
Header: Authorization : Basic eGw2UllOdFN6WmxKOlNMRWcwS1ZYdFVrbm5XbVV2cG9RVFNLZw==
API Key Authentication
Request: GET https://<domain-name>/wp-json/wp/v2/posts
Header: Authorization : Bearer <token>
Sample request: GET https://<domain-name>/wp-json/wp/v2/posts
Header: Authorization : Bearer kGUfhhzXZuWisofgnkAsuHGDyfw7gfhg5s
JWT Authentication
Request:
POST https://<domain-name>/wp-json/api/v1/token
Body:
username = < wordpress username >
&password = < wordpress password >
Request:
GET https://<domain-name>/wp-json/wp/v2/posts
Header:
Authorization : Bearer < JWT token >
Note : Above token is valid for 1 hour. Users have to create a token each time they want to request the API access.
OAuth 2.0 Authentication
Request:
POST https://<domain-name>/wp-json/api/v1/token
Body:
grant_type = < password >
&username = < wordpress username >
&password = < wordpress password >
&client_id = < client id >
Request:
POST https://<domain-name>/wp-json/api/v1/token
Body:
grant_type = < refresh_token >
&refresh_token = < Refresh Token >
Request:
GET https://<domain-name>/wp-json/wp/v2/posts
Header:
Authorization : Bearer < access_token / id_token >
Note : Above token is valid for 1 hour. Users have to create a token each time they want to request the API access.
Request:
POST https://<domain-name>/wp-json/api/v1/token
Body:
grant_type = < client_credentials >
&client_id = < client id >
&client_secret = < client secret >
Request:
POST https://<domain-name>/wp-json/api/v1/token
Body:
grant_type = < refresh_token >
&refresh_token = < Refresh Token >
Request:
GET https://<domain-name>/wp-json/wp/v2/posts
Header:
Authorization : Bearer < access_token / id_token >
Note : Above token is valid for 1 hour. Users have to create a token each time they want to request the API access.
Authentication using Third Party Provider
Request:
GET https://<domain-name>/wp-json/wp/v2/posts
Header:
access_token : < access_token >
OR id_token : < id_token >