Core Features
Professional-Grade Authentication for WordPress
JWT-Based Authentication
Complete token-based authentication flow following RFC 7519 JWT specifications with token generation, validation, and refresh mechanisms for secure, stateless authentication.
Token management
Manage authentication tokens for API access and service integrations.
Multiple Signing Algorithms
Choose the right signing algorithm for your security requirements. From standard HMAC to enterprise RSA and ECDSA, ensure compatibility with your existing infrastructure and compliance needs
Signing Algorithm
Algorithm used to sign JWT tokens
Algorithm Details
Type
HMAC
Security Level
Standard
Key Requirements
Requires a secret key (symmetric)
Enable CORS
Allow Cross-Origin Resource Sharing for the REST API endpoints
Token Lifecycle Management
Automatic token refresh keeps users authenticated seamlessly while configurable expiration times provide precise control over access duration.
Lifecycle Events
Automatic token management and validation history
POST /wp-json/jwt-auth/v1/token
GET /wp-json/wp/v2/users/me
GET /wp-json/jwt-auth/v1/token/validate
POST /wp-json/jwt-auth/v1/refresh
Custom Token Claims
Embed application-specific data directly into JWT tokens, reducing API calls while optimizing client-side application performance.
Custom Claims
Add custom claims to JWT tokens using WordPress filters
add_filter('jwt_auth_token_before_sign', function($token, $user) {
$token['customer_type'] = get_user_meta($user->ID, 'customer_type', true);
$token['loyalty_points'] = get_user_meta($user->ID, 'loyalty_points', true);
$token['preferred_currency'] = get_user_meta($user->ID, 'currency', true);
$token['customer_id'] = get_user_meta($user->ID, 'customer_id', true);
$token['customer_email'] = get_user_meta($user->ID, 'customer_email', true);
return $token;
}, 10, 2);
Analytics & Monitoring
Complete Visibility Into Authentication Activity
Authentication Analytics
Track successful and failed login attempts over time with detailed metrics showing user activity patterns and potential issues.
Token Events All Time
Event summary and breakdown
Event Distribution
Security Event Logging
Complete audit trails for compliance with timestamps, IP addresses, and context for every authentication and security event.
Security Audit Trail
Complete compliance logging with full context
Token Usage Insights
Monitor API endpoint usage, token lifecycle events, and user behavior patterns to optimize performance and identify bottlenecks.
Analytics Dashboard
Centralized dashboard for tracking authentication attempts, token usage, and active users with configurable data retention policies.
Audit Trail Management
Comprehensive logging of token generation, validation, and errors for security monitoring and compliance requirements.
Developer Experience
Streamlined Implementation & Developer Tools
WordPress Admin UI
Complete settings management through intuitive admin interface eliminates manual wp-config.php editing required in free version.
Admin Configuration Interface
All settings are managed through the admin interface.
Framework Integration
Seamless compatibility with React, Vue.js, Angular, Next.js, and mobile platforms including iOS, Android, React Native, Flutter.
WooCommerce Integration
Secure API access to WooCommerce orders using JWT authentication
// PHP WooCommerce integration
function get_secure_orders($status = 'processing') {
$token = get_jwt_token();
$response = wp_remote_get(
'https://your-store.com/wp-json/wc/v3/orders?status=' . $status,
['headers' => ['Authorization' => 'Bearer ' . $token]]
);
return json_decode(wp_remote_retrieve_body($response), true);
}
Comprehensive Documentation
Step-by-step guides, code examples, and implementation tutorials help developers integrate JWT authentication quickly and correctly.
One-Click CORS Setup
Enable cross-origin resource sharing through admin panel instead of complex server configuration for modern web applications.
Developer Tools
Essential tools that developers can use to test the JWT authentication system, verify token generation, and troubleshoot authentication issues effectively.