Can I authenticate with both WooCommerce consumer key and JWT?

Yes this is possible by structuring your requests appropriately. For system requests use OAuth 1.0 (consumer key as before), but encode it to include the OAuth credentials in the URL not in the headers. Having the OAuth credentials in the Authorisation header triggers the JWT error. GET https://DOMAIN/wp-json/wc/v1/subscriptions * Authorization: `OAuth 1.0` * Consumer key: … Read more

How to transition cookies from .subdomain.domain.com to .domain.com with minimal impact on users?

This answer may help. To quote: The basic code you need here is this in the wp-config file: define(‘LOGGED_IN_COOKIE’, ‘login_cookie_name’); define(‘AUTH_COOKIE’,’auth_cookie_name’); define(‘COOKIE_DOMAIN’, ‘.example.com’); define(‘COOKIEHASH’, ‘random_hash_here’); Put that in the config across multiple sites, set the keys and salts to be the same, and you’ll have login cookies that work across the domain and subdomains.

Authentication/API Questions

Why don’t you write a quick plugin … called “is user logged in” that registers a URL call. So the user hits the page, then the Flash or Java could just hit: http://mysite.com/customurl?hash=wordpress_logged_in_[hash] Then the plugin would run and return true or false. References: http://codex.wordpress.org/WordPress_Cookies#WP_.3E_3 This way you keep everything within reach of the WordPress … Read more

WordPress as a OAuth Provider

Okay, after your comments, I think I see what you’re asking but I’m not sure, so I’ll make it as generic as possible. WordPress uses the authenticate filter hook to perform authentication. You can add additional authentication methods by connecting your own functions to this filter. This is an example of an authentication function. This … Read more