None.<\/p>"},"ratings":{"1":0,"2":0,"3":0,"4":0,"5":0},"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":"1736141","resolution":"128x128","location":"assets"},"icon-256x256.png":{"filename":"icon-256x256.png","revision":"1736141","resolution":"256x256","location":"assets"}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":"1736141","resolution":"1544x500","location":"assets"},"banner-772x250.png":{"filename":"banner-772x250.png","revision":"1736141","resolution":"772x250","location":"assets"}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0"],"block_files":[],"assets_screenshots":{"screenshot-1.jpg":{"filename":"screenshot-1.jpg","revision":"1736141","resolution":"1","location":"assets"},"screenshot-2.jpg":{"filename":"screenshot-2.jpg","revision":"1736141","resolution":"2","location":"assets"}},"screenshots":{"1":"Blocked REST API requests","2":"Authenticated REST API requests are allowed"},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[1556,1118,2299,23853,867],"plugin_category":[],"plugin_contributors":[79460,80306],"plugin_business_model":[],"class_list":["post-75214","plugin","type-plugin","status-publish","hentry","plugin_tags-api","plugin_tags-json","plugin_tags-rest","plugin_tags-rest-api","plugin_tags-web","plugin_contributors-bfintal","plugin_contributors-gambitph","plugin_committers-bfintal"],"banners":{"banner":"https:\/\/ps.w.org\/disable-rest-api-and-require-jwt-oauth-authentication\/assets\/banner-772x250.png?rev=1736141","banner_2x":"https:\/\/ps.w.org\/disable-rest-api-and-require-jwt-oauth-authentication\/assets\/banner-1544x500.png?rev=1736141","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/disable-rest-api-and-require-jwt-oauth-authentication\/assets\/icon-128x128.png?rev=1736141","icon_2x":"https:\/\/ps.w.org\/disable-rest-api-and-require-jwt-oauth-authentication\/assets\/icon-256x256.png?rev=1736141","generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/disable-rest-api-and-require-jwt-oauth-authentication\/assets\/screenshot-1.jpg?rev=1736141","caption":"Blocked REST API requests"},{"src":"https:\/\/ps.w.org\/disable-rest-api-and-require-jwt-oauth-authentication\/assets\/screenshot-2.jpg?rev=1736141","caption":"Authenticated REST API requests are allowed"}],"raw_content":"\n
When you activate this plugin, all REST API endpoints will be disabled for non-authorized requests.<\/strong><\/p>\n\n Best used with any of these plugins:<\/p>\n\n Blocks ALL<\/em> REST API endpoints except for:<\/p>\n\n Allows all REST API endpoints if they come with a valid Bearer Token Authentication<\/strong> (authentication via GET URL variables are still blocked)<\/p>\n\n When used alone in your site, your REST API will essentially be disabled.<\/p>\n\n Note that this plugin itself doesn't provide JWT or OAuth authentication, it only whitelists them.<\/p>\n<\/blockquote>\n\n This plugin is similar to Disable REST API, wherein it disables all REST API endpoints, but it<\/em> still allows the authentication endpoints provided by:<\/p>\n\n And if a Bearer Token Authentication<\/strong> is provided, then the REST API becomes available.<\/p><\/dd>\n Open a new incognito browser tab or private browser tab and visit your You will see this message:<\/p>\n\n A Bearer Token Authenticated REST API request is a REST API call with this header<\/strong>:<\/p>\n\n Authorization: Bearer XXXXXXX<\/p>\n<\/blockquote>\n\n The XXXXXXX<\/em> corresponds to the authentication token given by any of these 2 plugins:<\/p>\n\n That is outside the scope of this plugin, please refer to the docs of the respective plugins:<\/p>\n\n I've placed a filter called For example, I want to allow \n
\n
\n
Features<\/h4>\n\n
\n
\n
\n
\n
\n
wp-json<\/code> URL:<\/p>\n\n\n
http:\/\/mysite\/wp-json\/<\/code><\/p>\n<\/blockquote>\n\n\n
{\"code\":\"rest_not_logged_in\",\"message\":\"You are not currently logged in.\",\"data\":{\"status\":401}}<\/code><\/p>\n<\/blockquote><\/dd>\n\n
\n
\n
reqauth\/allowed_endpoints<\/code> where you can add your own REST API endpoints to the whitelist.<\/p>\n\n\/my-endpoint<\/code> for non-authorized REST API calls:<\/p>\n\nadd_filter( 'reqauth\/allowed_endpoints', 'allow_my_endpoints' );\nfunction( $allowed_endpoints ) {\n $allowed_endpoints[] = '\/my-endpoint';\n return $allowed_endpoints;\n}\n<\/code><\/pre><\/dd>\n\n<\/dl>\n\n\nv1.0<\/h4>\n\n
\n