Daniel Kudwien edited this page May 24, 2023 · 5 revisions

Welcome to the jwt-auth WordPress Plugin Community Wiki!

We are collecting helpful tips and tutorials from everyone here. If you resolved a question or want to share an integration example with others, please add it here. 🙌

How does the JWT flow with refresh tokens work overall?

The JWT access token flow with refresh tokens is:

  1. Send a request to /token with username and password to get a JWT access token (in the response body) and a refresh token (as a cookie).
  2. Send requests to any endpoint, passing the JWT access token as the Authorization bearer token.
  3. If the JWT has expired, send a request to /token with the refresh token as a cookie (instead of username and password) to get a new JWT access token.
  4. If the refresh token has expired, send a request to /token/refresh with the refresh token as a cookie to get a new refresh token (cookie).
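
The client side of these four steps, as an added example that is not part of the plugin or of this wiki's original text. The in-memory server, the credentials, the `/posts` path and the response fields (`status`, `token`, `setCookie`) are constructed stand-ins; the stand-in accepts the cookie at /token/refresh after /token rejects it, mirroring step 4 as worded.

```javascript
// Constructed stand-in for the server; NOT the plugin's code or response format.
function makeFakeServer() {
  let n = 0, jwt = null, refresh = null, refreshExpired = false;
  const issue = () => (jwt = `jwt-${++n}`);
  return {
    expireJwt() { jwt = null; }, expireRefresh() { refreshExpired = true; },
    // `cookie` stands for the refresh-token cookie a browser attaches by itself.
    send(path, { body, bearer, cookie } = {}) {
      if (path === '/token') {
        if (body && body.username === 'alice' && body.password === 'pw') {
          refresh = `rt-${++n}`; refreshExpired = false;
          return { status: 200, token: issue(), setCookie: refresh };
        }
        if (cookie && cookie === refresh && !refreshExpired) return { status: 200, token: issue() };
        return { status: 401 };
      }
      if (path === '/token/refresh') {
        if (!cookie || cookie !== refresh) return { status: 401 };
        refresh = `rt-${++n}`; refreshExpired = false;
        return { status: 200, setCookie: refresh };
      }
      return bearer && bearer === jwt ? { status: 200, data: 'ok' } : { status: 401 };
    },
  };
}
class Client {
  constructor(server) { this.server = server; this.jwt = null; this.cookie = null; this.log = []; }
  call(path, opts = {}) {
    const res = this.server.send(path, { ...opts, cookie: this.cookie });
    if (res.setCookie) this.cookie = res.setCookie; // cookie jar; automatic in a browser
    this.log.push(`${path} ${res.status}`);
    return res;
  }
  login(username, password) { // step 1: the JWT is kept in memory only
    this.jwt = this.call('/token', { body: { username, password } }).token || null;
    return this.jwt !== null;
  }
  renewJwt() { // step 3, falling back to step 4 and then repeating step 3
    let res = this.call('/token');
    if (res.status !== 200 && this.call('/token/refresh').status === 200) res = this.call('/token');
    this.jwt = res.token || null;
    return this.jwt !== null;
  }
  request(path) { // step 2, retried once after a successful renewal
    let res = this.call(path, { bearer: this.jwt });
    if (res.status === 401 && this.renewJwt()) res = this.call(path, { bearer: this.jwt });
    return res;
  }
}
```

The retry in `request` happens at most once, so a server that keeps answering 401 cannot drive the client into a renewal loop.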

How to install the jwt-auth plugin development version from GitHub

To install from source using a ZIP archive:

  1. Go to the jwt-auth plugin repository page.
  2. Click the dropdown button "Code", select the tab "Local", and click "Download ZIP".
  3. Upload the ZIP file into the wp-content folder of your WordPress site and extract it.
  4. Rename the extracted plugin folder to jwt-auth.
  5. Delete the ZIP file.
  6. Open a terminal, change into the plugin folder wp-content/jwt-auth and install dependencies using Composer by running the command:
    composer install --no-dev