Can I authenticate with both WooCommerce consumer key and JWT?

Yes this is possible by structuring your requests appropriately.

For system requests use OAuth 1.0 (consumer key as before), but encode it to include the OAuth credentials in the URL not in the headers. Having the OAuth credentials in the Authorisation header triggers the JWT error.

GET https://DOMAIN/wp-json/wc/v1/subscriptions
* Authorization: `OAuth 1.0`
  * Consumer key: FILLED IN
  * Consumer secret: FILLED IN
  * Other fields: blank
* Headers: blank
* Body: blank

To request a token (for a user-based query), you don’t use authorization, you include the user credentials in the body:

POST https://DOMAIN/wp-json/jwt-auth/v1/token
* Authorization: `No Auth`
* Headers: blank
* Body: `form-data`
  * key: username, value: test
  * key: password, value: test

Once you have the token, you can add it to the Authentication header per JWT requirements.

To test these queries, it’s easiest to use a dedicated tool like httpie or Postman.

Reference: https://github.com/Tmeister/wp-api-jwt-auth/issues/87

Related Posts:

  1. How to: Make JWT-authenticated requests to the WordPress API
  2. WordPress Rest API: How do we validate with our custom API key?
  3. How to Authenticate WP REST API with JWT Authentication using Fetch API
  4. authentication issue with rest api – rest_cannot_create
  5. WP REST API: check if user is logged in
  6. How to login to WordPress site using basic authentication HTTP headers?
  7. Can we access the REST request parameters from within the permission_callback to enforce a 401 by returning false?
  8. WordPress REST API “rest_authentication_errors” doesn’t work external queries?
  9. Can’t GET draft posts via REST API from headless frontend
  10. Create Session with JWT
  11. WP REST API GET Requests require authentication
  12. current_user_can(‘administrator’) returns false when I’m logged in
  13. Authenticating with REST API
  14. Make authorization mandatory on custom routes
  15. WP REST API – Nonce passes wp_verify_nonce even after logout
  16. How to force JWT auth for default GET endpoints of WordPress rest api?
  17. REST API: best place to set current user for JWT auth?
  18. WordPress + REST API v2 and private pages Load by slug
  19. REST API authentication for a plugin
  20. PHP: authenticate for a REST request?
  21. Rest API basic auth not working
  22. Authenticate current user to REST API
  23. Rest API: wp_verify_nonce() fails despite receiving correct nonce value
  24. Getting 401 from ajax using an application password
  25. How to connect android app with WordPress website?
  26. WordPress REST API calls that depend on the WordPress User
  27. WordPress HTTP API NTLM Authentication
  28. Advanced Access Manager: RESTful endpoint to refresh token
  29. Best Authetication between REST API and Mobile App
  30. Log in user using WordPress REST API
  31. Secure WordPress API, how?
  32. wp_nonce vs jwt
  33. register/login api
  34. How can I secure my custom rest api endpoint or add under a already existing rest group
  35. Register rest field authentication with REST API
  36. REST API Integration without user account?
  37. WP REST API with Basic Auth at target website
  38. Cant POST with REST API on WordPress
  39. REST API – Authentication/Logon security
  40. custom REST endpoints and application passwords
  41. wordpress rest api authentication failed
  42. Is the WordPress REST API installed and enabled in a vanilla WordPress 4.7 installation?
  43. check the requesting url
  44. WP REST API Require Password for GET Endpoint
  45. WP REST API V2 – Retrieve sub page by full slug (URL/Path)
  46. How to check WordPress website username and password is correct
  47. How to build a plugin that supports authenticated POST requests to the REST API from external servers?
  48. How to use the WP REST API for new user registration (sign up form)?
  49. Attach featured image to custom endpoints
  50. WordPress: How to create custom REST API route?
  51. REST API URL parameters not working with apache server
  52. How to Pull ALL Posts, Categories, or Tags in WordPress REST API
  53. Query the REST API for a Tag by slug
  54. Rest API Custom Endpoint with space character
  55. apiFetch security
  56. 403 Forbidden with gutenberg
  57. Application Password is not enable by default?
  58. Cannot get ‘sanitize_callback’ to work for rest parameters
  59. How to use current_user_can() in register_rest_route()?
  60. What’s the “?P” register rest api construct, what is for and where to find official docs?
  61. WordPress REST API json – How to activate gzip compression?
  62. How to save generated JWT token to cookies on login?
  63. WordPress custom endpoint returning blank response
  64. WP_REST_Response() doesn’t seem to return the expected object
  65. Setting ?context=edit results in rest_forbidden_context, even for an Administrator user
  66. WP Rest Api- Update callback (POST request) to existing database table through the rest api
  67. Save default options as an array of options and display in REST API
  68. WordPress REST Api get posts by ID
  69. [Zapier + WP Webhooks Pro]: Custom Fields get cut off at first comma or semicolon
  70. Which route in the WP REST API do I access data passed into register_setting()?
  71. How to use Python to create a Post in WordPress?
  72. Send a get request to wordpress
  73. Replace content via rest api only?
  74. WP rest api endpoint protection using jwt token
  75. WP Rest API – Change response status code for failed validation request
  76. Unable to create a Rest end-point
  77. Can i fetch the list of pouplar posts of last 24 hours from WordPress API?
  78. WordPress Rest Api rest_cannot_edit
  79. how to create JSON array [] for REST response?
  80. Getting 401 unauthenticated error in WP Rest API revisions
  81. How to receive JSON payload from a digital device
  82. WordPress Custom Rest Api – How to get Image Url?
  83. Remote publishing using WP’s RetAPI // Issues with HTACCESS
  84. save_post hook error with REST API
  85. Connecting WordPress with an External API
  86. Users REST API not working?
  87. Using WordPress solely as a Backend – dealing with WP_SITEURL
  88. use WordPress Rest API to build a web application
  89. REST Request Post including meta/custom fields
  90. Why wp_set_password not working within a api endpoint?
  91. WordPress api returns distinct data
  92. Redefine REST API variables
  93. Where is the HTML content for my post in the API
  94. WordPress Rest API Escapes Returned URLs Forward Slash
  95. Getting current core version from an WordPress installation
  96. How to block external access to register_rest_route callback?
  97. Filter output of posts (Rest API)
  98. WordPress Application Passwords not authorizing
  99. Hide custom posts from certain taxonomy in rest api
  100. Creating Application Password using REST API results in 401 regardless of JWT token

Leave a Comment