🎉 Double storage, double possibilities : Enjoy 2x storage with all our plans now at no additional cost.

JWT Authentication for WP REST API

Extends the WP REST API using JSON Web Tokens Authentication as an authentication method.
By submitting this form you agree to our Terms & Conditions

This plugin extends the WP REST API by adding JSON Web Tokens Authentication as an authentication method. It requires WP REST API V2 and a minimum PHP version of 7.4.0. You can configure the secret key and enable CORs support, and the plugin provides endpoints for token validation.

Enrique Chavez  

Simple Authentication Method

Extends the WP REST API using JSON Web Tokens Authentication as an authentication method. JSON Web Tokens are an open, industry standard method for representing claims securely between two parties. This plugin provides a simple and secure way to authenticate users and protect your API endpoints.

Easy Installation and Configuration

This plugin is built on top of the WP REST API V2 and requires the minimum PHP version 7.4.0. It also provides support for enabling the PHP HTTP Authorization Header and configuring CORs support. With just a few simple steps, you can install, activate, and configure this plugin to start using JSON Web Tokens for authentication.

Secure Token Generation

Once the plugin is activated, it adds a new namespace and two new endpoints to the WP REST API. The "/jwt-auth/v1/token" endpoint is used to generate a token by validating user credentials. The generated token can then be stored and used for future API requests. This plugin also provides error handling for invalid tokens, ensuring secure authentication for your API.

  • Version
  • Last updated
  • Active Installations

  • Tested up to
  • WP Version
  • PHP Version


It breaks APIs that don't require authorization

By 耗子 (haozi) on September 7, 2023

It breaks APIs that don't require authorization.

Such as WordPress's posts endpoint and WooCommerce's endpoint.

Problem with woocommerce call

By drdigital971 on September 5, 2023


The new version (1.3.3) block woocommerce api call.

I use OAuth1 for woocommerce so I didn't use jwt for that (only for sign in) but now I have a 403 error.

Message: "Authorization header malformed."

Can you tell why and how to resolved that ?

Thank you.

Breaks API calls where no Authorization headers are required

By jeffrey3110 on July 25, 2023

And author don't seems to be able to apply fix in half a year

Error when passing the token

By oaufi on July 7, 2023

Hi Team , I have an issue when i pass the token in postman , Authorization bearer I get error

I have try several tokens and emails but same issue.

 "code": "invalid_username",

    "message": "The email address you entered does not exist.",

    "data": null

Can I Access all Subdirectory & subdomains using this?

By situ on August 30, 2022

Can I Access all Subdirectory & subdomains using this

it works

By ntalam on July 4, 2021

Yep, it works

Great Plugin !

By William (englishanywhere) on March 31, 2021

Using this plugin for over 1 year now and it works very well ! Thank you for your time and energy to develop this app !


By Ahmed Hnewa (ahmedriyadh) on February 11, 2021

I was confused about choosing the jwt plugin. There are 3 versions, the first has not been updated for 6 months and the second has not been updated for two months, the first has not worked, the second has unclear instructions and has some defects despite the presence of a dashboard, and this add-on has not been updated for two years But when I saw that it was updated a day ago, I decided to use it and all the problems that I was facing were resolved. I ask the add-on developers to update them every period, but there is something unclear, how can I amend the token expiry time? Thanks


By hmtkyn on October 6, 2020


Excelente plugin

By omar1996 on August 17, 2020

Excelente trabajo! Estoy muy agradecido por este magnifico trabajo, espero que sigan desarrollando mas plugin de buena calidad. muchas gracias!

Downloads Trend


Are you the author of this plugin, Claim this page

Explore other WordPress plugins

Meta Box – WordPress Custom Fields Framework

Meta Box plugin is a powerful, professional developer toolkit to create custom meta boxes and custom fields for your custom post types in WordPress.

Asesor de Cookies RGPD para normativa europea

Este plugin le facilita la adaptación a la RGPD de su web a la política de cookies mostrando el aviso a los visitantes de su página y proporcionándole …

FileOrganizer – Manage WordPress and Website Files

FileOrganizer is a plugin that helps you to manage all files in your WordPress Site. FileOrganizer provides you the ability to edit, delete, upload, d …

Disable and Remove Google Fonts

Improve frontend performance by disabling Google Fonts. GDPR-friendly.