First.. You can try access your current API response via browser
https://myblog.com/wp-json/wp/v2/postsif you find responses simillar like below, you may need to secure your WordPress Endpoint API
Let’s Secure it!
Go to your hosting or wherever you installed your wordpress and add this funtion into:
public_html > wp-includes > functions.php and save it.
// Disable some endpoints for unauthenticated users
add_filter( 'rest_endpoints', 'disable_default_endpoints' );
function disable_default_endpoints( $endpoints ) {
$endpoints_to_remove = array(
'/oembed/1.0',
'/wp/v2',
'/wp/v2/media',
'/wp/v2/types',
'/wp/v2/statuses',
'/wp/v2/taxonomies',
'/wp/v2/tags',
'/wp/v2/users',
'/wp/v2/comments',
'/wp/v2/settings',
'/wp/v2/themes',
'/wp/v2/blocks',
'/wp/v2/oembed',
'/wp/v2/posts',
'/wp/v2/pages',
'/wp/v2/block-renderer',
'/wp/v2/search',
'/wp/v2/categories'
);
if ( ! is_user_logged_in() ) {
foreach ( $endpoints_to_remove as $rem_endpoint ) {
// $base_endpoint = "/wp/v2/{$rem_endpoint}";
foreach ( $endpoints as $maybe_endpoint => $object ) {
if ( stripos( $maybe_endpoint, $rem_endpoint ) !== false ) {
unset( $endpoints[ $maybe_endpoint ] );
}
}
}
}
return $endpoints;
}Try to access again after you adding config.
Example response:
Next, how we can access it after config as authenticated user?
Inside your WordPress engine, add or install new plugin called JWT Authentication For WP REST API
Allright.. Now we can use Postman to get Token and login using these token
Get Token
This token need for every request.
Get Response
As you can see, all request must using Token. Add token inside Authorization tab like below
Moch. Rizky Ashyari