Support » Plugin: WP OAuth Server (OAuth Authentication) » Why this plugin tries to bock all unauthenticated REST requests?

  • Resolved Tunghsiao Liu

    (@sparanoid)


    I noticed there’s a function call _wo_block_unauthenticated_rest_requests that simple blocks all unauthenticated REST requests. We need to use this public API (wp-json/wp/v2/posts) to list our latest blog posts elsewhere but this could just break our site. What’s the intention of doing that?

    Thanks

Viewing 1 replies (of 1 total)
  • Plugin Author Justin Greer

    (@justingreerbbi)

    Forum Moderator

    Hi,

    The function is in place to allow sites to bock all the REST API unless the call is authenticated. This is good for secure sites that a public API is not desired.

    With this said, the plugin has an option so you can disable/enable this feature.

    Thanks

Viewing 1 replies (of 1 total)
  • The topic ‘Why this plugin tries to bock all unauthenticated REST requests?’ is closed to new replies.