Simple JWT Login
Free & open-source JWT authentication for WordPress
Add secure token-based authentication to your WordPress REST API in minutes — no coding required.
Trusted by thousands of WordPress sites
Active installs
0+
Downloads
0+
Rating
0/5
Everything you need for JWT authentication
Log users in instantly via URL, header, cookie, or session — perfect for magic links, email campaigns, and SSO flows.
Expose a secure REST endpoint to register new WordPress users programmatically — no custom code needed.
Generate, refresh, revoke, and validate JWT tokens via REST. Supports HS256/384/512 and RS256/384/512 algorithms.
Let users change or reset their password through the API — ideal for headless and mobile apps.
Limit Access by IP
Restrict access to trusted IPs — supports wildcards (e.g. 85.*.*.*) for subnet-level control.
Assign roles at registration time — create admins, editors, or subscribers through a single endpoint.
First-class support for MailPoet magic-link emails, WPGraphQL authorization, and any plugin that extends the WordPress REST API.
Require a valid JWT per route — filter by HTTP method (GET, POST, PUT, DELETE) with exact or prefix matching.
Pass a JWT to any WordPress endpoint and act as a fully authenticated user — no session cookies required.
Let users sign in with their Google account — zero passwords, instant trust.
Use Google-issued tokens to authenticate against any WordPress REST endpoint seamlessly.
Why Choose Simple JWT Login?
No coding required
Set up JWT authentication in minutes via the WordPress admin UI — no custom code needed.
6 supported algorithms
Choose from HS256/384/512 or RS256/384/512 to match your security policy.
4 JWT delivery methods
Authorization header, cookie, session, or query parameter — works everywhere.
Built for developers
16 WordPress action and filter hooks to customize every authentication flow.
CORS-ready
Works out of the box with React, Vue, Angular, mobile apps, WPGraphQL, and headless CMS setups.
PHP 5.5+ compatible
Works on any PHP version from 5.5 onwards — no matter how old or new your server is.
Auto-login & magic links
Authenticate users via a tokenized URL — no password form needed. Perfect for email campaigns and passwordless flows.
Full token lifecycle
Refresh, validate, and revoke tokens on demand to keep sessions secure and under your control.
Free & open source
MIT-licensed, community-supported, no hidden costs — ever.
Drop into any stack in minutes
PHP
Connect any PHP app to Simple JWT Login with one Composer package — supports Laravel, Yii, CodeIgniter, and more.
composer require "nicumicle/simple-jwt-login-client-php"Javascript
Add JWT authentication to React, Vue, Angular, or any JS app with an npm package and a handful of lines.
npm install "simple-jwt-login"WPGraphQL
Use your JWT tokens to authenticate GraphQL queries and mutations — enable it with a single checkbox.
MailPoet
Send magic-link login emails via MailPoet — let subscribers log in with one click, no password required.
Export & Import
Back up and restore your entire plugin configuration in one click — perfect for staging-to-production migrations.
Start as easy as 1-2-3
Install & Activate - Get started by installing Simple JWT Login from the WordPress plugin directory.
Configure Settings - Customize authentication rules, token expiration, and access control.
Authenticate Effortlessly - Use JWT tokens to authenticate users on REST API endpoints.
Join the community
Simple JWT Login is built in the open, by the community. Whether you write code, speak another language, or just want to spread the word — there's a place for you here.
Rate on WordPress
Love the plugin? A 5-star review on WordPress.org makes a big difference.
Leave a review →Help Translate
Make JWT auth accessible in every language — join us on translate.wordpress.org.
Start translating →What developers are saying
"This plugin serves now as a one-stop shop for JWT authentication, esp for headless WP/web app setups. The even better part is the author who’s extremely helpful, swift in responding & fixing issues, acknowledging improvement suggestions, pleasing to talk to and patient. I hope you can keep up the dedicated work, Nicu!"
"This is probably the very absolute best no-nonsense JWT plugin on WordPress. Exceptionally well documented, high customization, easy to setup, and works out of the box with basic setup. No nonsense ads, either. Definitely deserving the 5-star rating across the board. Recommended."
"JWT login plugin is awesome, their support is quite responsive and efficient.They are able to help me and guide me on my customize function to custom generate jwt using their classes."
"it’s the best of all JWT plugins, the responsiveness of the developer is simply incredible, he knows his project by heart and will help you efficiently."