plugin-icon

AH JWT Auth

Par andrewheberle·
This plugin allows sign in to WordPress using a JSON Web Token (JWT) contained in a HTTP Header.
auth
authentication
jwt
Évaluations
Ajouter un Avis
Version
1.6.0
Installations actives
20
Mis à jour récemment
Jun 24, 2026

This plugin allows sign in to WordPress using a JSON Web Token (JWT) contained in a HTTP Header that is added by a reverse proxy that sits in front of your WordPress deployment.

Authentication and optionally role assignment is handled by claims contained in the JWT.

If configured, the plugin also validates the JWT aud claim against the expected OAuth2 application audience value.

Verification of the JWT is handled by either:

  • a shared secret key
  • retrieving a JSON Web Key Set (JWKS) from a configured URL

During the login process if the user does not exist an account will be created with a matching role from the JWT, unless automatic user creation has been disabled in the plugin settings.

If the JWT did not contain a role claim then user is created with the role set in the plugin settings (by default this is the subscriber role).

Automatic user creation is enabled by default for backwards compatibility. It can be disabled when user provisioning should remain manual.

Gratuitsur les plans payants
Commencer
En procédant à l’installation, vous acceptez les Conditions d’utilisation de WordPress.com ainsi que les Conditions de l’extension tierce.
Testé jusqu’à version
WordPress 6.9.4
Cette extension est disponible en téléchargement pour votre site .
Télécharger