How to secure custom endpoint for rest api in WordPress

Add permission_callback parameter and set it to whatever authentication you want to apply.

So, if you want to make it accessible to a user having manage_options capability, your code should be something like this-

add_action('rest_api_init', function(){
    register_rest_route('fs/v1', 'posts', [
        'methods'             => 'GET',
        'callback'            => 'fs_posts',
        'permission_callback' => function( $request ) {
            return current_user_can( 'manage_options' );
        }
    ]);
});

If it’s for any logged-in users, for example, use this-

add_action('rest_api_init', function(){
    register_rest_route('fs/v1', 'posts', [
        'methods'             => 'GET',
        'callback'            => 'fs_posts',
        'permission_callback' => function( $request ) {
            return is_user_logged_in();
        }
    ]);
});

Related Posts:

  1. Pass PHP variable to javascript
  2. Namespaces in WordPress – How do I initiate the main class?
  3. wordpress get meta value by meta key
  4. What areas to Unit test while building a plugin?
  5. update_meta_user difference in i:1 and b:1, how to write b:1
  6. Registration Form Validation in wordpress
  7. Errors while using ajax from external wordpress page
  8. Dequeue / Deregister script and replace it with a new plugin
  9. How to handle autoloading with composer by keeping the WordPress naming conventions?
  10. Hide Theme options and Customize Admin menu
  11. Current user in plugin returns NULL
  12. How can I implement a notification system in wordpress?
  13. Minimum PHP Required for WordPress
  14. Building an email signup form. Where should the information be saved in the DB?
  15. Where should I save an API key of my user when installing my plugin?
  16. How to make a customize role and view a specific plugins base on that role?
  17. Custom form action to handle data inside a plugin
  18. WP Post Template – Templates in own folder
  19. Create entire wordpress as a github repositery?
  20. Map Custom Registration Fields to WordPress User Roles
  21. custom payment gateway in woocommerce failed to connect to remote api server
  22. Plugin options page with live preview?
  23. Ajax call returning 0
  24. How to update post’s content on post publish?
  25. Conditional attributes and logic per product category
  26. WordPress plugin admin html being shown in Customizer iframe
  27. Displaying Custom Sidebar Without Modifying Theme’s Core File?
  28. WordPress Widget – Saving multidimensional arrays into $instance
  29. Ordering taxonomies by rank
  30. Plugin Options not being output
  31. Can I create a table on my DB without creating a plugin?
  32. Submit Form data to another page via Ajax (WordPress Way)
  33. WordPress checkbox and Illegal string offset
  34. Is it fair to use MIT licensed code in WordPress plugins? [closed]
  35. How to add an element right after the article using jQuery?
  36. How to reset wordpress but not plugins and settings
  37. add_submenu_page returns null
  38. get_option / wp_localize_script Not Working in OOP Plug In
  39. Switch from wp-cron to a server cron job
  40. How to Show Author image and url in WordPress plugin directory? [closed]
  41. Extending a theme: build new features as plugin or core modules?
  42. Plugin generating unexpected output – on WP mysql dump import
  43. Remember the Meta Value With Radio Buttons
  44. jQuery code didn’t run on my plugin
  45. How to embed a new string in url?
  46. Custom characters of tinymce editor are saved as question mark
  47. Custom Module, Extending WP with a Plugin?
  48. How do I profit from a Plugin?
  49. help intercepting save_post through plugin
  50. best way to run a php script away from the template?
  51. Themes conflicts and overrides my WordPress Support widget Plugin styles
  52. Disable Author Archive just for certain roles in bulk
  53. Add a new category for posts
  54. How to save Setting pages data to the database?
  55. Add hook after content without formatting
  56. User loggedin as Subscriber form not sending
  57. wc_get_template_part doesnt display the content [duplicate]
  58. How to properly use wp_mail() in my own plugin?
  59. Prevent WordPress from sending set-cookie http header
  60. admin_post hook not firing function inside class
  61. Thumbnail image doesn’t show up in Shortcode output
  62. I created a plugin with ‘view page’ that uses MYSQL + PHP. When I use wp_insert_post(), it turns everything to HTML
  63. list of custom post by custom field in frontend
  64. How to implement color picker from WordPress in my boilerplate plugin?
  65. custom post type plugin error [closed]
  66. how to auto random increment for post view
  67. Fatal error: require_once(): Failed opening required
  68. How to properly enqueue jQuery knob on WordPress without conflict?
  69. WordPress Thickbox Navigation Issue in Gallery
  70. Admin menu hilighting wrong item for CPT
  71. How to save the option’s new values plus old value without overwrite old one
  72. Not displaying Woocommerce product page in lightbox
  73. ajax voting for custom post type
  74. WordPress Media Uploader : How to add custom button on featured image tab
  75. Change pricing in Woocommerce based on Category and Product [closed]
  76. Can we validate data from jquery
  77. WordPress environment not loading properly
  78. Delete postmeta when uninstall/delete plugin
  79. how can i get records from wp_postmeta table using particular meta_key in database?
  80. Re-writing MySQl query for execute faster
  81. Inactive Plugin Files
  82. Saving an array to get_options
  83. Getting error “The package could not be installed. PCLZIP_ERR_BAD_FORMAT ”
  84. show Visual form builder in the front end
  85. Plugin – including external javascript calling google maps
  86. Help me with my first very basic plugin
  87. wordpress plugin | short code issue
  88. HTML link within my plugin settings page
  89. How to create post comparison in wordpress
  90. How can I create a navigation menu in the sidebar that can also act like a slider?
  91. WordPress Customise
  92. How to create a sharing marketplace with wordpress for bicycles?
  93. Cannot edit Sidebar in any theme in wordpress
  94. how to update wordpress plugin programmatically using plugin path
  95. Testing Plugin – Install plugin dependencies in testing enviroment
  96. Form submission issue in wordpress admin (custom plugin) using $_GET for searching & filtering
  97. Editing a block to add a button to have a drop cap
  98. Redirrect after facebook successful login to wooommerce cart page url
  99. Remove custom menu pages for admin users
  100. Show posts in custom order
tech