Register rest field authentication with REST API

It is a bad API design to return different structure based on “external data” not passed in the request itself.

Either construct different API for logged in users and use a different end point for it, or return a “filler” when the user do not have permission to access the data.

(and it is always a bad idea to make modifications to the official rest API as you might create incompatibilities with other users of it, so at least be careful use prefixes etc)

Related Posts:

  1. WP REST API: check if user is logged in
  2. Can’t GET draft posts via REST API from headless frontend
  3. WP REST API – Nonce passes wp_verify_nonce even after logout
  4. Rest API: wp_verify_nonce() fails despite receiving correct nonce value
  5. Log in user using WordPress REST API
  6. wp_nonce vs jwt
  7. How to: Make JWT-authenticated requests to the WordPress API
  8. WordPress Rest API: How do we validate with our custom API key?
  9. WordPress REST API call generates nonce twice on every call
  10. How to Authenticate WP REST API with JWT Authentication using Fetch API
  11. authentication issue with rest api – rest_cannot_create
  12. Can I authenticate with both WooCommerce consumer key and JWT?
  13. How to login to WordPress site using basic authentication HTTP headers?
  14. Can we access the REST request parameters from within the permission_callback to enforce a 401 by returning false?
  15. WordPress REST API “rest_authentication_errors” doesn’t work external queries?
  16. Create Session with JWT
  17. Full page NGINX (or Cloudflare) caching and WordPress nonces
  18. WordPress REST API, Expired Nonce from Cache results in 403 forbidden
  19. Passing a borrowed nonce through Postman fails
  20. how to send Ajax request in wordpress backend
  21. permission_callback has no effect
  22. WP REST API GET Requests require authentication
  23. current_user_can(‘administrator’) returns false when I’m logged in
  24. Authenticating with REST API
  25. Make authorization mandatory on custom routes
  26. How to force JWT auth for default GET endpoints of WordPress rest api?
  27. REST API: best place to set current user for JWT auth?
  28. WordPress + REST API v2 and private pages Load by slug
  29. REST API authentication for a plugin
  30. PHP: authenticate for a REST request?
  31. Rest API basic auth not working
  32. Authenticate current user to REST API
  33. Getting 401 from ajax using an application password
  34. How to connect android app with WordPress website?
  35. WordPress REST API calls that depend on the WordPress User
  36. Backbone with custom rest endpoints
  37. WordPress HTTP API NTLM Authentication
  38. Advanced Access Manager: RESTful endpoint to refresh token
  39. Best Authetication between REST API and Mobile App
  40. How to verify which WordPress user requested the API in ASP .NET Core?
  41. Secure WordPress API, how?
  42. register/login api
  43. How can I secure my custom rest api endpoint or add under a already existing rest group
  44. REST API Integration without user account?
  45. WP REST API with Basic Auth at target website
  46. Cant POST with REST API on WordPress
  47. REST API – Authentication/Logon security
  48. Rest API nonce is being cached
  49. custom REST endpoints and application passwords
  50. wordpress rest api authentication failed
  51. How to add additional http header to a wp_error rest response
  52. Nonce validation in REST API
  53. How would I add custom tables/endpoints to the WP REST API?
  54. WP REST API create post authentication issue
  55. How to define a query parameter with REST API?
  56. How do I correctly setup an AJAX nonce for WordPress REST API?
  57. How do I use the WP REST API plugin and the OAuth Server plugin to allow for registration and login?
  58. Using the REST API (v2) javascript client on a private namespaced route
  59. Does accessing WordPress via REST API affect the site stats and analytics?
  60. WP API ignores filter parameter
  61. How to use REST API to send user metadata?
  62. Can the new REST API now make WP into it’s own push notification server?
  63. Confused about AngularJS and WordPress
  64. Post API tax_relation field doesn’t work
  65. Authentication with the Rest API when using an External Application
  66. No ‘Access-Control-Allow-Origin’ when call rest API
  67. Get subscribers via REST API and send post notification
  68. Calling an API to do authentication / user login
  69. Allow “wp-admin” edit access through headless WP web application
  70. WordPress REST API V2: how to get list of all posts?
  71. How to get data from /wp-json/wp/v2/users/me
  72. WordPress REST API parameters are not affecting a response
  73. Update meta_value in wp_postmeta using API
  74. WordPress plugin with CORS
  75. “Error: cURL error 60: SSL certificate problem: certificate has expired” when create product in WooCommerce via REST API
  76. How to use WordPress REST api to login a user?
  77. Wrong encoding of dynamic block properties problem when loggen in as editor
  78. Need wp rest api for featured video post
  79. REST api header link href
  80. WordPress & React Native
  81. update meta data (like view counter) by rest-api
  82. How to use WordPress rest API with Angularjs 4 [closed]
  83. Retrieve posts by page in wp rest api
  84. How to change WordPress api v2
  85. WP_REST_Request::get_json_params() Parsing null as Zero
  86. API request forbidden when requesting from same domain
  87. Custom WP Rest API Endpoints from JSON Schema
  88. Securing REST API wp-json/wp/v2/users endpoint
  89. Rest Api WordPress
  90. WordPress REST API won’t allow me to filter by author ID when called internally, works externally in Postman
  91. Rest API is running, but /wp-json/wp/v2/ shows only old dates
  92. How can I enforce user to use Application password to generate JWT token? [closed]
  93. Rest Api Error ‘ Error: {‘code’: ‘rest_no_route’, ‘message’: ‘No route was found matching the URL and request method.’, ‘data’: {‘status’: 404}}@ [closed]
  94. Restrict APP REST API for users with account and capabilities
  95. How to call WordPress API Internally
  96. Application password still works even after user is disabled / expired
  97. REST API Schema: how to allows for both empty string or email string
  98. Field fetched through REST API contains ASCII version of special characters
  99. Cannot create posts via REST API
  100. Fetch a single post from a list of posts using the REST API