WordPress REST API Authentication plugin secures the unauthorized access to your WordPress REST APIs. It provides you with variety of authentication methods like API key authentication, OAuth 2.0 authentication, JWT authentication, Authentication with External IDP / Third Party Provider using Introspection Endpoint etc.
Choose the best fit for your environment & provide secure REST API authentication into communication between your client and the service application.
WordPress REST API Authentication plugin secures the unauthorized access to your WordPress REST APIs. It provides you with variety of authentication methods like API key authentication, OAuth 2.0 authentication, JWT authentication, Authentication with External IDP / Third Party Provider using Introspection Endpoint etc.
Choose the best fit for your environment & provide secure REST API authentication into communication between your client and the service application.
WordPress REST API Authentication plugin secures the unauthorized access to your WordPress REST APIs. It provides you with variety of authentication methods like API key authentication, OAuth 2.0 authentication, JWT authentication, Authentication with External IDP / Third Party Provider using Introspection Endpoint etc.
Choose the best fit for your environment & provide secure REST API authentication into communication between your client and the service application.
Based on user's WordPress roles/capabilities users can get access to his WordPress Dashboard and other REST APIs for that site.
Provide the Signature Verification and Validation along with JWT Token Validation. also, an option to select the Signing Algorithm to validate the JWT token.
Default token expiry time provided is 1 hour. Using this feature admin can change the token expiry date as per his requirement.
Default all the WordPress REST APIs will be protected. Using this feature admin can make some APIs to publicly accessible with out authentication.
Default Authorization Header will be used to authenticate the requests. Using this feature admin can change Authorization header to any other header accordingly.
Provides features to encrypt the token passed in the header in Basic Authentication method using the HMAC encryption method which makes your header token much secure and users credentials can’t be exposed.
This feature is present in the API Key Authentication method in which the token(key) is generated based on the WordPress users and that will help in accessing those APIs that require WordPress user credentials.
This feature allows to authenticate the API based on the JWT token, which provides the facility to authenticate the APIs based on the JWT token received from the external Providers.
If you want to protect your WP REST APIs(eg. post, pages and other REST APIs) with users login credentials or client-id:client-secret, then you can opt for this method. It is recommended that you should use this method on HTTPS or secure socket layer.
If you want to protect your WP REST APIs from unauthenticated users but you don’t want to share users login credentials or client id, secret to authenticate the REST API, then you can use API Key authentication, which will generate a random authentication key for you. Using this key, you can authenticate any REST API on your site.
If you are looking to protect your REST APIs using the JWT token and if you do not have any third party provider that issues the JWT token, then you should go for JWT Authentication method. In this case, our WordPress REST API Authentication itself issues the JWT token and works as an API Authenticator to protect your REST APIs.
If you are looking for protecting your REST APIs using the access-token and at the same time you do not have any third party provider/identity provider, then you should go for OAuth 2.0 Authentication method. In this scenario, our WordPress REST API Authentication works as both OAuth Server and API Authenticator to protect your REST APIs.
If you are looking for protecting/restricting access to your WP REST APIs using your OAuth Provider/Identity provider, then you should go for Third Party Provider Authentication method.Here, you just need to configure the plugin with Introspection Endpoint/User Info Endpoint provided by your Identity Provider and you will be able to authenticate the API Request using the token provided by your provider application.
We do not provide the developer license for our paid plugins and the source code is protected. It is strictly prohibited to make any changes in the code without having written permission from miniOrange. There are hooks provided in the plugin which can be used by the developers to extend the plugin's functionality.
At miniOrange, we want to ensure you are 100% happy with your purchase. If the premium plugin you purchased is not working as advertised and you've attempted to resolve any issues with our support team, which couldn't get resolved. We will refund the whole amount within 10 days of the purchase. Please email us at oauthsupport@xecurify.com for any queries regarding the return policy.
This integration provides the facility for authentication of WooCommerce REST API, so all the Woocomerce will be authenticated against the key(token). You can authenticate the WooCommerce store APIs with your mobile or desktop.
This integration allows you to authenticate the Learndash REST endpoints by validating against the token(key). It provides you with secure access to Learndash user profiles, courses, groups & many more APIs.
The plugins support interaction with Gravity Forms from external client applications. This integration allows you to authenticate the Gravity form REST endpoints by validating against the token(key).
This integration allows you to authenticate the Buddypress REST endpoints by validating against the token(key). You can access BP REST API endpoints and also authenticate those from different Authentication methods like JWT token, API Keys etc.
We provide the support for integrating External/Custom API in Wordpress, it will provide the facility to perform some action or fetch the data through the External API call. For more information please contact us on info@xecurify.com
The product performed perfectly.
I did experience a minor config error and reached out for support. The solution was swift, simple and perfectly resolved.
There is no other plug-in on the market that did this with the level of ratings and tech-support. I had to contact the team several times and they were highly responsive and helpful. Highly recommended.
I had an issue using the plugin in the first place. Then I contacted the support. They came back really quick . Eventually the support guys helped me solved the problem in a video meeting. Great support
I recently contacted the support team for a problem related to authentiction and they solved my problem in a very good way
Great support!
The functionality and capabilities of the plugin are great. Response of support team with setting up mapping of multiple roles was very quick and helpful.
I was trying to use this plugin to connect and create posts using HTTP requests. On single request, Support was kind enough to get on a meeting call and solved this for me!!!
This plugin did the job and has ton of great features.Keep up the good work.
Emailed the plugin author and received a very quick, very helpful reply!
Perfect and really needed plugin that have multiple options
thanks
Need Help? We are right here!
