Title: Authentication with JWT?
Last modified: December 16, 2016

---

# Authentication with JWT?

 *  Resolved [pesseba](https://wordpress.org/support/users/pesseba/)
 * (@pesseba)
 * [9 years, 5 months ago](https://wordpress.org/support/topic/authentication-with-jwt/)
 * Hello, I’d like to know if this plugin works with jwt token authentification:
   [https://br.wordpress.org/plugins/jwt-authentication-for-wp-rest-api/](https://br.wordpress.org/plugins/jwt-authentication-for-wp-rest-api/)

Viewing 11 replies - 1 through 11 (of 11 total)

 *  Plugin Author [Pete Nelson](https://wordpress.org/support/users/gungeekatx/)
 * (@gungeekatx)
 * [9 years, 5 months ago](https://wordpress.org/support/topic/authentication-with-jwt/#post-8601393)
 * Not sure… We’re using the “is_user_logged_in()” function, so if the JWT plugin
   provides authentication that works with this, then it should be ok.
 *  Thread Starter [pesseba](https://wordpress.org/support/users/pesseba/)
 * (@pesseba)
 * [9 years, 4 months ago](https://wordpress.org/support/topic/authentication-with-jwt/#post-8640628)
 * I tested the plugin with JWT Authentication, this works fine for the core post_type.
   
   But REST API Toolbox doesn’t work for custom post type Could be a great improvement
   to enable Custom Post Type control too instead just core options.
 * [CORRECTION] It doesn’t work with JWT, my mistake…
    -  This reply was modified 9 years, 4 months ago by [pesseba](https://wordpress.org/support/users/pesseba/).
 *  Plugin Author [Pete Nelson](https://wordpress.org/support/users/gungeekatx/)
 * (@gungeekatx)
 * [9 years, 4 months ago](https://wordpress.org/support/topic/authentication-with-jwt/#post-8642557)
 * Custom post type support sounds like a good idea. I’ll take a look at adding 
   support for that, and I’ll try to dig into the JWT source code to see what’s 
   going on there with authentication.
 *  Thread Starter [pesseba](https://wordpress.org/support/users/pesseba/)
 * (@pesseba)
 * [9 years, 4 months ago](https://wordpress.org/support/topic/authentication-with-jwt/#post-8648592)
 * I’m noob in PHP and WP framework but I’m trying to customize myself something.
   The custom post type endpoints I found a simple solution:
 * Just add this after $endpoints declaration:
 *     ```
       $post_types = get_post_types();			
       $endpoints = array_merge($endpoints,$post_types);
       ```
   
 * That’s run ok but it’s not perfect… you must add the ‘rest_base’ parameter insted
   post name.
 * For JWT I’m trying something, but my skills is limited…
 * I think the REST API must be limited by authentication and for user permissions
   too.
 *  Plugin Author [Pete Nelson](https://wordpress.org/support/users/gungeekatx/)
 * (@gungeekatx)
 * [9 years, 4 months ago](https://wordpress.org/support/topic/authentication-with-jwt/#post-8648624)
 * I’ve been working on custom post type support, will have it release in the next
   couple days: [https://github.com/petenelson/wp-rest-api-toolbox/commits/feature/37-custom-post-types](https://github.com/petenelson/wp-rest-api-toolbox/commits/feature/37-custom-post-types)
 *  Plugin Author [Pete Nelson](https://wordpress.org/support/users/gungeekatx/)
 * (@gungeekatx)
 * [9 years, 4 months ago](https://wordpress.org/support/topic/authentication-with-jwt/#post-8649213)
 * After finally getting it working on my local server, I tested it out and it looks
   like it works correctly with JWT.
 * I set the posts endpoint to require authentication.
 * With a valid authorization token
    ⌊With a valid authorization token⌉
 * Without a valid authorization token
    ⌊Without a valid authorization token token⌉
 *  Plugin Author [Pete Nelson](https://wordpress.org/support/users/gungeekatx/)
 * (@gungeekatx)
 * [9 years, 4 months ago](https://wordpress.org/support/topic/authentication-with-jwt/#post-8655867)
 * I release the new version last night with custom post type support. Have you 
   had a chance to give that a try yet?
 *  Thread Starter [pesseba](https://wordpress.org/support/users/pesseba/)
 * (@pesseba)
 * [9 years, 4 months ago](https://wordpress.org/support/topic/authentication-with-jwt/#post-8659570)
 * Ow… I will try it. Nice!
 *  Thread Starter [pesseba](https://wordpress.org/support/users/pesseba/)
 * (@pesseba)
 * [9 years, 4 months ago](https://wordpress.org/support/topic/authentication-with-jwt/#post-8661322)
 * Hi, I tested the new version of the plugin. I discovered what happend here…
 * In fact the JWT Authentication worked fine in my localhost. But when I save The
   Rest API Toolbox configurations, in WP panel, my .htaccess is refreshed without
   the JWT rewrite rules configuration… So Jwt stops working after that.
 * I don’t know why this happen. I found this link about: [https://perishablepress.com/stop-wordpress-htaccess/](https://perishablepress.com/stop-wordpress-htaccess/)
 *  Plugin Author [Pete Nelson](https://wordpress.org/support/users/gungeekatx/)
 * (@gungeekatx)
 * [9 years, 4 months ago](https://wordpress.org/support/topic/authentication-with-jwt/#post-8661345)
 * Our plugin does flush the rewrite rules when the page is saved. This is due to
   the ability to change the REST API prefix and the rules need to be flushed for
   any custom prefix to work.
 * I assume this is what’s getting removed when rewrite rules are flushed:
    RewriteCond%{
   HTTP:Authorization} ^(.*) RewriteRule ^(.*) – [E=HTTP_AUTHORIZATION:%1]
 * Maybe try adding that rule outside of the # BEGIN WordPress and # END WordPress
   markers? Rewrite rules are also flushed when Settings > Permalinks are saved,
   so it would be good to exclude the authorization rule from that .htaccess block
   anyway.
 *  Thread Starter [pesseba](https://wordpress.org/support/users/pesseba/)
 * (@pesseba)
 * [9 years, 4 months ago](https://wordpress.org/support/topic/authentication-with-jwt/#post-8662432)
 * Ok… no problems. Could be nice an advise in panel about this. For example, the
   permalinks checks if the .htaccess is read-only and display for user an advise
   with the new rewrite text for manually update.

Viewing 11 replies - 1 through 11 (of 11 total)

The topic ‘Authentication with JWT?’ is closed to new replies.

 * ![](https://ps.w.org/rest-api-toolbox/assets/icon-128x128.png?rev=1396954)
 * [REST API Toolbox](https://wordpress.org/plugins/rest-api-toolbox/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/rest-api-toolbox/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/rest-api-toolbox/)
 * [Active Topics](https://wordpress.org/support/plugin/rest-api-toolbox/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/rest-api-toolbox/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/rest-api-toolbox/reviews/)

 * 11 replies
 * 2 participants
 * Last reply from: [pesseba](https://wordpress.org/support/users/pesseba/)
 * Last activity: [9 years, 4 months ago](https://wordpress.org/support/topic/authentication-with-jwt/#post-8662432)
 * Status: resolved