Skip to main content

Simple JWT Login (1.0.0)

Download OpenAPI specification:Download

This is the Simple JWT Login WordPress plugin API Documentation.

Introduction

This API is documented in OpenAPI format. You can either open it in swagger editor or you can view it on this website.

Also, you open it in postman, and you will be able to do local tests.

Server

You can access the Simple JWT Login API in two modes:

  • using permalink: https://{domain}/wp-json/simple-jwt-login/v1/{endpoint}
  • using rest_route: https://{domain}/?rest_route=/simple-jwt-login/v1/{endpoint}

Cross-Origin Resource Sharing

This API features Cross-Origin Resource Sharing (CORS) implemented in compliance with W3C spec. And that allows cross-domain communication from the browser. All responses have a wildcard same-origin which makes them completely public and accessible to everyone, including any code on any site.

login_user

Login user in WordPress

Autologin user into WordPress

query Parameters
JWT
required
string
Example: JWT=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

JWT

AUTH_CODE
string
Example: AUTH_CODE=MY_SUPER_SECRET_AUTH_CODE

Required when "Auto-Login Requires Auth Code" is enabled

redirectUrl
string
Example: redirectUrl=https://simplejwtlogin.com

If this parameter is provided, this will overwrite the redirect URL set in the plugin settings. Also, please make sure you check the option from plugin settings.

Responses

Response samples

Content type
application/html

register_user

Register WordPress user

Register WordPress user

Request Body schema:

Register WordPress user

email
required
string

User email address

password
required
string

User password

user_login
string

The user's login username.

user_nicename
string

User URL-friendly username

user_url
string

User URL

display_name
string

The user's display name. Default is the user's username.

nickname
string

The user's nickname. Default is the user's username.

first_name
string

The user's first name. For new users, will be used to build the first part of the user's display name if "display_name" is not specified.

last_name
string

The user's last name. For new users, will be used to build the second part of the user's display name if "display_name" is not specified.

description
string

The user's biographical description.

rich_editing
string

Whether to enable the rich-editor for the user. Accepts 'true' or 'false' as a string literal, not boolean. Default 'true'.

syntax_highlighting
string

Whether to enable the rich code editor for the user. Accepts 'true' or 'false' as a string literal, not boolean. Default 'true'.

comment_shortcuts
string

Whether to enable comment moderation keyboard shortcuts for the user. Accepts 'true' or 'false' as a string literal, not boolean. Default 'false'.

admin_color
string

Admin color scheme for the user. Default 'fresh'.

use_ssl
boolean

Whether the user should always access the admin over https. Default false.

user_registered
string

Date the user registered. Format is 'Y-m-d H:m:s'.

user_activation_key
string

Password reset key. Default empty.

spam
boolean

Multisite only. Whether the user is marked as spam. Default false.

show_admin_bar_front
string

Whether to display the Admin Bar for the user on the site's front end.Accepts 'true' or 'false' as a string literal, not boolean. Default 'true'.

locale
string

User's locale. Default empty.

Responses

Request samples

Content type
{
  • "email": "test@simplejwtlogin.com",
  • "password": "string",
  • "user_login": "myuser",
  • "user_nicename": "myuser",
  • "display_name": "myuser",
  • "nickname": "myuser",
  • "first_name": "myuser",
  • "last_name": "myuser",
  • "description": "This is a sample description",
  • "rich_editing": true,
  • "syntax_highlighting": true,
  • "comment_shortcuts": false,
  • "admin_color": "fresh",
  • "use_ssl": true,
  • "user_registered": "2022-01-31 23:15:30",
  • "user_activation_key": "string",
  • "spam": false,
  • "show_admin_bar_front": true,
  • "locale": ""
}

Response samples

Content type
application/json
{
  • "success": true,
  • "id": 1,
  • "message": "User was successfully created.",
  • "user": {
    },
  • "roles": {
    },
  • "jwt": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
}

delete_user

Delete WordPress user

Delete WordPress user

query Parameters
JWT
required
string
Example: JWT=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

JWT

AUTH_CODE
string
Example: AUTH_CODE=MY_SUPER_SECRET_AUTH_CODE

Required when "Delete User Requires Auth Code" is enabled

Responses

Response samples

Content type
application/json
{
  • "message": "User was successfully deleted.",
  • "id": 1
}

reset_password

Reset User Password

Send reset password code

Request Body schema:

Send an email with the reset password code to the user

email
string
AUTH_CODE
string

Required when "AuthenticationReset Password Requires Auth Code" is enabled

Responses

Request samples

Content type
{
  • "email": "contact@simplejwtlogin.com",
  • "AUTH_CODE": "MY_SUPER_SECRET_AUTH_CODE"
}

Response samples

Content type
application/json
{
  • "success": true,
  • "message": "Reset password email has been sent."
}

Change user password

Request Body schema:

Change the user password

email
string
code
string
new_password
string
JWT
any

In order to reset password with JWT, you need to check "Allow Reset password with JWT". If a JWT is provided, the code parameter is no longer required.

AUTH_CODE
string

Required when "AuthenticationReset Password Requires Auth Code" is enabled

Responses

Request samples

Content type
{
  • "email": "contact@simplejwtlogin.com",
  • "code": "MY_SECRED_CODE_RECEIVED_BY_EMAIL",
  • "new_password": "New user password",
  • "JWT": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
  • "AUTH_CODE": "MY_SUPER_SECRET_AUTH_CODE"
}

Response samples

Content type
application/json
{
  • "success": true,
  • "message": "User password has been changed."
}

authenticate_user

Authenticate user

Authenticate to your WordPress website

Request Body schema:

Authenticate user in order to obtain a valid JWT

email
string

Required when username is not provided.

username
string

Required when email is not provided.

password
string

User plain password. Required when pass_hash is not provided.

password_hash
string

User hashed password from Database. Required when password is not provided.

AUTH_CODE
string

Required when "Authentication Requires Auth Code" is enabled

Responses

Request samples

Content type
{
  • "email": "john@doe.com",
  • "username": "myuser",
  • "password": "string",
  • "password_hash": "string",
  • "AUTH_CODE": "MY_SUPER_SECRET_AUTH_CODE"
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Refresh expired JWT

Request Body schema:

Refresh expired JWT

JWT
required
string

Expired JWT.

AUTH_CODE
string

Required when "Authentication Requires Auth Code" is enabled

Responses

Request samples

Content type
{
  • "JWT": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
  • "AUTH_CODE": "MY_SUPER_SECRET_AUTH_CODE"
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Validate JWT

query Parameters
JWT
required
string
Example: JWT=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

JWT

AUTH_CODE
string
Example: AUTH_CODE=MY_SUPER_SECRET_AUTH_CODE

Required when "Authentication Requires Auth Code" is enabled

Responses

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}

Revoke JWT

Request Body schema:

Revoke JWT. When a JWT is revoked, it will be marked as invalid in future request.

JWT
required
string

Expired JWT.

AUTH_CODE
string

Required when "Authentication Requires Auth Code" is enabled

Responses

Request samples

Content type
{
  • "JWT": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
  • "AUTH_CODE": "MY_SUPER_SECRET_AUTH_CODE"
}

Response samples

Content type
application/json
{
  • "success": true,
  • "data": {
    }
}