Title: Redirection API integration into client-side javascript app Last modified: February 8, 2021 --- # Redirection API integration into client-side javascript app * Resolved [danieldrave](https://wordpress.org/support/users/danieldrave/) * (@danieldrave) * [5 years, 3 months ago](https://wordpress.org/support/topic/redirection-api-integration-into-client-side-javascript-app-2/) * Hi there, * I am building a Nuxt JS application as the front-end channel to my WordPress website. * I am currently trying to access a list of all redirects created via the REST API endpoints in the documentation. I am having trouble with authentication engine. The REST API Authentication guide only gives context when using wp_localize_script(). Obviously, given the fact I am building my front-end as a separate application, I can’t utilise that functionality to get a nonce value. * So, what I have done is built a WordPress plugin which will initialise a REST API endpoint (e.g. [http://localhost/sandbox/wp-json/custom-wp-api/auth](http://localhost/sandbox/wp-json/custom-wp-api/auth)) which returns the following data * ``` return [ 'data' => [ 'nonce' => wp_create_nonce('wp_rest') ] ]; ``` * I then use that nonce value within my requests to the Redirection API endpoints as per the documentation but I am getting 401 errors. I imagine that is because that nonce is for a non-logged in user. * ``` async getRedirections (nonce) { const options = { method: 'get', url: 'http://localhost/sandbox/wp-json/redirection/v1/redirect/?_wpnonce=' + nonce } const request = await this.$axios(options) console.dir(request) } ``` * Could you provide some insight into what I should be doing when using WordPress in a headless environment? * I have read via the REST API authentication docs you can use technologies like OAuth1, Application Passwords etc but all of those plugins seem to have limited support and unclear whether they are being maintained to support the latest version of WordPress. * Thanks in advance! Viewing 1 replies (of 1 total) * Plugin Author [John Godley](https://wordpress.org/support/users/johnny5/) * (@johnny5) * [5 years, 3 months ago](https://wordpress.org/support/topic/redirection-api-integration-into-client-side-javascript-app-2/#post-14021445) * A nonce is not an authentication token. It is there to protect against CRSF attacks. You will still need a valid and logged in user. * > Could you provide some insight into what I should be doing when using WordPress > in a headless environment? * I think that is a question best suited to a developer forum and it doesn’t seem specific to Redirection itself. Viewing 1 replies (of 1 total) The topic ‘Redirection API integration into client-side javascript app’ is closed to new replies. * ![](https://ps.w.org/redirection/assets/icon-256x256.jpg?rev=983639) * [Redirection](https://wordpress.org/plugins/redirection/) * [Frequently Asked Questions](https://wordpress.org/plugins/redirection/#faq) * [Support Threads](https://wordpress.org/support/plugin/redirection/) * [Active Topics](https://wordpress.org/support/plugin/redirection/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/redirection/unresolved/) * [Reviews](https://wordpress.org/support/plugin/redirection/reviews/) * 1 reply * 2 participants * Last reply from: [John Godley](https://wordpress.org/support/users/johnny5/) * Last activity: [5 years, 3 months ago](https://wordpress.org/support/topic/redirection-api-integration-into-client-side-javascript-app-2/#post-14021445) * Status: resolved