plugin-icon

Disable REST API and Require JWT / OAuth Authentication

By Benjamin Intal·
Disables all REST API endpoints and requires JWT or OAuth Authentication.
api
JSON
rest
Rating
Add a review
Version
1.0
Active installations
60
Last updated
Sep 26, 2017
Disable REST API and Require JWT / OAuth Authentication

When you activate this plugin, all REST API endpoints will be disabled for non-authorized requests.

Best used with any of these plugins:

Blocks ALL REST API endpoints except for:

  • /jwt-auth/v1/token/validate
  • /jwt-auth/v1/token
  • /oauth/authorize
  • /oauth/token
  • /oauth/me

Allows all REST API endpoints if they come with a valid Bearer Token Authentication (authentication via GET URL variables are still blocked)

When used alone in your site, your REST API will essentially be disabled.

Note that this plugin itself doesn’t provide JWT or OAuth authentication, it only whitelists them.

Features

  • No settings page
  • You can whitelist other REST API endpoint via a filter hook (see FAQs below)
  • Blocks all REST API endpoints.. but
  • Allows requests with Bearer Token Authentication.. and
  • Allows JWT Authentication for WP REST API & WP OAuth Server authentication endpoints
Freeon Business plan
Get started
By installing, you agree to WordPress.com Terms of Service and Third-Party plugin Terms.
Tested up to
WordPress 4.8.27
This plugin is available for download for your site.
Download