Disable REST API and Require JWT / OAuth Authentication
·
Disables all REST API endpoints and requires JWT or OAuth Authentication.
When you activate this plugin, all REST API endpoints will be disabled for non-authorized requests.
Best used with any of these plugins:
Blocks ALL REST API endpoints except for:
- /jwt-auth/v1/token/validate
- /jwt-auth/v1/token
- /oauth/authorize
- /oauth/token
- /oauth/me
Allows all REST API endpoints if they come with a valid Bearer Token Authentication (authentication via GET URL variables are still blocked)
When used alone in your site, your REST API will essentially be disabled.
Note that this plugin itself doesn’t provide JWT or OAuth authentication, it only whitelists them.
Features
- No settings page
- You can whitelist other REST API endpoint via a filter hook (see FAQs below)
- Blocks all REST API endpoints.. but
- Allows requests with Bearer Token Authentication.. and
- Allows JWT Authentication for WP REST API & WP OAuth Server authentication endpoints