HTTP Header Authentication for Application Passwords
·
Allows sending application passwords using HTTP headers instead of basic authentication
Use HTTP headers for application passwords instead of basic authentication. Perfect for those sites already protected by basic auth.
Username header: X-WP-USERNAME
Password header: X-WP-PASSWORD
Note that at this point the plugin doesn’t actually remove the basic authentication validation for application passwords, but checks the HTTP headers at a higher priority.