WordPress Rest API Authentication

WordPress REST API Authentication plugin secures the unauthorized access to your WordPress REST APIs. It provides you with variety of authentication methods like API key authentication, OAuth 2.0 authentication, JWT authentication, Authentication with External IDP / Third Party Provider using Introspection Endpoint etc.
Choose the best fit for your environment & provide secure REST API authentication into communication between your client and the service application.

WordPress REST API Authentication plugin secures the unauthorized access to your WordPress REST APIs. It provides you with variety of authentication methods like API key authentication, OAuth 2.0 authentication, JWT authentication, Authentication with External IDP / Third Party Provider using Introspection Endpoint etc.
Choose the best fit for your environment & provide secure REST API authentication into communication between your client and the service application.

WordPress REST API Authentication plugin secures the unauthorized access to your WordPress REST APIs. It provides you with variety of authentication methods like API key authentication, OAuth 2.0 authentication, JWT authentication, Authentication with External IDP / Third Party Provider using Introspection Endpoint etc.
Choose the best fit for your environment & provide secure REST API authentication into communication between your client and the service application.

Slider

Key Features

Role based access to WP REST APIs

Based on user's WordPress roles/capabilities users can get access to his WordPress Dashboard and other REST APIs for that site.

Signature Validation

Provide the Signature Verification and Validation along with JWT Token Validation. also, an option to select the Signing Algorithm to validate the JWT token.

Custom Token Expiry

Default token expiry time provided is 1 hour. Using this feature admin can change the token expiry date as per his requirement.

Exclude REST APIs

Default all the WordPress REST APIs will be protected. Using this feature admin can make some APIs to publicly accessible with out authentication.

Custom Header

Default Authorization Header will be used to authenticate the requests. Using this feature admin can change Authorization header to any other header accordingly.

HMAC Encryption

Provides features to encrypt the token passed in the header in Basic Authentication method using the HMAC encryption method which makes your header token much secure and users credentials can’t be exposed.

User Based API Key(Token)

This feature is present in the API Key Authentication method in which the token(key) is generated based on the WordPress users and that will help in accessing those APIs that require WordPress user credentials.

Third Party JWT Token support

This feature allows to authenticate the API based on the JWT token, which provides the facility to authenticate the APIs based on the JWT token received from the external Providers.

Rest API Authentication Methods

wordpress single sign-on sso login form add-on integration

Basic Authentication

If you want to protect your WP REST APIs(eg. post, pages and other REST APIs) with users login credentials or client-id:client-secret, then you can opt for this method. It is recommended that you should use this method on HTTPS or secure socket layer.

wordpress single sign-on sso login form add-on integration

API Key Authentication

If you want to protect your WP REST APIs from unauthenticated users but you don’t want to share users login credentials or client id, secret to authenticate the REST API, then you can use API Key authentication, which will generate a random authentication key for you. Using this key, you can authenticate any REST API on your site.

wordpress single sign-on sso login form add-on integration

JWT Authentication

If you are looking to protect your REST APIs using the JWT token and if you do not have any third party provider that issues the JWT token, then you should go for JWT Authentication method. In this case, our WordPress REST API Authentication itself issues the JWT token and works as an API Authenticator to protect your REST APIs.

wordpress single sign-on sso media restriction add-on integration

OAuth 2.0 Authentication

If you are looking for protecting your REST APIs using the access-token and at the same time you do not have any third party provider/identity provider, then you should go for OAuth 2.0 Authentication method. In this scenario, our WordPress REST API Authentication works as both OAuth Server and API Authenticator to protect your REST APIs.

wordpress single sign-on sso discord role mapping

Third Party Provider Authentication

If you are looking for protecting/restricting access to your WP REST APIs using your OAuth Provider/Identity provider, then you should go for Third Party Provider Authentication method.Here, you just need to configure the plugin with Introspection Endpoint/User Info Endpoint provided by your Identity Provider and you will be able to authenticate the API Request using the token provided by your provider application.

Plans For Everyone

$149 (one time payment)

API Key Authentication Method


Upgrade now

$149 (one time payment)

Basic Authentication Method


Upgrade now

$199 (one time payment)

JWT Authentication Method


Upgrade now

$249 (one time payment)

OAuth 2.0 Authentication Method


Upgrade now


$349 (one time payment)

Authentication From External OAuth Providers


Upgrade now

(one time payment)

Authentication From External Providers


Request a quote

$399 (one time payment)

Protecting 3rd Party Plugin or Custom APIs


Upgrade now

$449 (one time payment)

All Inclusive Plan


Upgrade now


* Cost applicable for one instance only. Licenses are perpetual and the Support Plan includes 12 months of maintenance (support and version updates). You can renew maintenance after 12 months at 50% of the current license cost.

We do not provide the developer license for our paid plugins and the source code is protected. It is strictly prohibited to make any changes in the code without having written permission from miniOrange. There are hooks provided in the plugin which can be used by the developers to extend the plugin's functionality.

At miniOrange, we want to ensure you are 100% happy with your purchase. If the premium plugin you purchased is not working as advertised and you've attempted to resolve any issues with our support team, which couldn't get resolved. We will refund the whole amount within 10 days of the purchase. Please email us at oauthsupport@xecurify.com for any queries regarding the return policy.

Integrations

wordpress single sign-on sso login form add-on integration

WooCommerce APIs Authentication

This integration provides the facility for authentication of WooCommerce REST API, so all the Woocomerce will be authenticated against the key(token). You can authenticate the WooCommerce store APIs with your mobile or desktop.

wordpress single sign-on sso login form add-on integration

Learndash APIs Authentication

This integration allows you to authenticate the Learndash REST endpoints by validating against the token(key). It provides you with secure access to Learndash user profiles, courses, groups & many more APIs.

wordpress single sign-on sso login form add-on integration

Gravity Form APIs Authentication

The plugins support interaction with Gravity Forms from external client applications. This integration allows you to authenticate the Gravity form REST endpoints by validating against the token(key).

wordpress single sign-on sso login form add-on integration

BuddyPress APIs Authentication

This integration allows you to authenticate the Buddypress REST endpoints by validating against the token(key). You can access BP REST API endpoints and also authenticate those from different Authentication methods like JWT token, API Keys etc.

wordpress single sign-on sso login form add-on integration

External APIs Integration

We provide the support for integrating External/Custom API in Wordpress, it will provide the facility to perform some action or fetch the data through the External API call. For more information please contact us on info@xecurify.com

WHAT OUR CUSTOMERS SAY

Fantastic product and great support
Image is not available

The product performed perfectly.
I did experience a minor config error and reached out for support. The solution was swift, simple and perfectly resolved.

Great plug-in and support
Image is not available

There is no other plug-in on the market that did this with the level of ratings and tech-support. I had to contact the team several times and they were highly responsive and helpful. Highly recommended.

Great support
Image is not available

I had an issue using the plugin in the first place. Then I contacted the support. They came back really quick . Eventually the support guys helped me solved the problem in a video meeting. Great support

Software and support excellent
Image is not available

I recently contacted the support team for a problem related to authentiction and they solved my problem in a very good way
Great support!

Excelent software and support
Image is not available

The functionality and capabilities of the plugin are great. Response of support team with setting up mapping of multiple roles was very quick and helpful.

Awesome Support!
Image is not available

I was trying to use this plugin to connect and create posts using HTTP requests. On single request, Support was kind enough to get on a meeting call and solved this for me!!!

Excellent Support
Image is not available

This plugin did the job and has ton of great features.Keep up the good work.

Fast Support
Image is not available

Emailed the plugin author and received a very quick, very helpful reply!

Perfect and really needed
Image is not available

Perfect and really needed plugin that have multiple options
thanks

previous arrowprevious arrow
next arrownext arrow
Slider
Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com