Skip to content
This repository has been archived by the owner. It is now read-only.
Switch branches/tags

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

DEPRECATED - This library is no longer maintained/supported.

This library was built as an example for a session in a PHP conference, and is no longer supported.

#Wordpress JWT Authentication

Authenticate your APIs with JWT easily.


  • Aud: represents the client id which the JWT was sent.
  • Secret: used to verify the JWT signature
  • Base64 Secret Encoded: it must be active if the secret is base64 encoded and needs to be decoded before checkig the signature.
  • User Property: is the property which much match with the JWT attribute to determine the user.
  • JWT Attribute: should match the User Property to determine the user.

##How it works

This plugin will check the headers of the requests and if there is an Authorization header will try to log in a user that matches. So it is as easy to check for the current user to authenticate users in your own API.

Also, it provides support for the following plugins:

And any other that extends Wp Rest Api like for BuddyPress.

##Overriding the User Repository logic The user repository is the responsible of retriving the user based on the JWT. By default, it looks in the user database to match the User Property and the JWT Attribute.

If you need to override the way the user matching is made (ie: you need to look to another table in the database) you can create your own User Repostory and match the user as you need.

To accomplish this, you need to add a filter:

    add_filter( 'wp_jwt_auth_get_user', array( __CLASS__, 'get_user' ),10);

To see an example, check the UsersRepo.

When the plugin is using a User Repository the User Property and JWT Property settings are ignored.


[DEPRECATED] This plugin targets to add JWT authentication to Wordpress API's provided by plugins.




No packages published