HeadlessKey – JWT Auth

开发者	hidayatsafewp
更新时间	2026年2月8日 18:59
PHP版本:	8.0 及以上
WordPress版本:	6.9
版权:	GPLv2
版权网址:	版权信息

下载

1.0.0

详情介绍:

HeadlessKey – JWT Auth extends the REST API to provide a robust and secure authentication system using JSON Web Tokens (JWT). Designed for Headless WordPress, it enables seamless user authentication, registration, and session management via standard REST endpoints. Key Features

Standard JWT Authentication: Secure user authentication using industry-standard RFC 7519 tokens.
Multiple Algorithms: Support for HS256, RS256, and ES256 signing algorithms.
Comprehensive Endpoints: Ready-to-use endpoints for Login, Register, Token Refresh, and Password Management.
Single Sign-On (SSO): Connect multiple sites with a secure, headers-based SSO exchange mechanism.
Role-Based Access Control (RBAC): Configure public or authenticated access for every endpoint.
Brute Force Protection: Protects against attacks by locking users/IPs after failed attempts.
Activity Logs: Detailed audit trail of all authentication events, including IP and device data.
Security Webhooks: Real-time JSON events sent to your external services for monitoring key actions.
Device Limits: Restrict the number of active devices/sessions per user.
Developer Friendly: Extensive hooks and filters for deep customization.

屏幕截图:

升级注意事项:

1.0.0 Initial release. Secure your Headless WordPress with JWT today!

常见问题:

How do I generate a JWT Secret?

The plugin automatically generates a strong secret key upon activation. You can find it in the plugin settings. For better security, you can define headlesskey_SECRET_KEY in your wp-config.php file.

Can I use this with Next.js or other frontend frameworks?

Yes! The plugin sends correct CORS headers and returns standard JSON responses, making it compatible with any frontend framework or language that supports HTTP requests.

Does it support Public/Private keys?

Yes, you can configure RS256 or ES256 algorithms in the settings and provide your PEM formatted keys for asymmetric signing.

更新日志: