HeadlessKey – JWT Auth
A complete authentication solution for Headless WordPress applications using JWT, supporting Registration, SSO, RBAC, and advanced Security features.
00
·0 active installs·Updated 1 month agoAs of April 2026, HeadlessKey is a WordPress jwt plugin with 0 active installations and a 0/5 rating0. It has been downloaded 177 times in total. Requires WordPress 6.0+ and PHP 8.0+. Available on WordPress.org since 2026. Recently updated within the last 3 months. Top alternative: JWT Authentication for WP REST API.
0/5Rating
0active installs
177total downloads
2 monthssince 2026
Overview
HeadlessKey – JWT Auth extends the REST API to provide a robust and secure authentication system using JSON Web Tokens (JWT). Designed for Headless WordPress, it enables seamless user authentication, registration, and session management via standard REST endpoints.
Key Features
- Standard JWT Authentication: Secure user authentication using industry-standard RFC 7519 tokens.
- Multiple Algorithms: Support for
HS256,RS256, andES256signing algorithms. - Comprehensive Endpoints: Ready-to-use endpoints for Login, Register, Token Refresh, and Password Management.
- Single Sign-On (SSO): Connect multiple sites with a secure, headers-based SSO exchange mechanism.
- Role-Based Access Control (RBAC): Configure public or authenticated access for every endpoint.
- Brute Force Protection: Protects against at…
Screenshots
Ratings & Reviews
00 reviews
5 ★
0
4 ★
0
3 ★
0
2 ★
0
1 ★
0
Compatibility
| WordPress | 6.0+ requiredTested up to 6.9.4 |
| PHP | 8.0+ required |
Top Alternatives to HeadlessKey – JWT Auth
Frequently Asked Questions
Changelog
1.0.0
- Initial Release: Complete authentication suite with JWT, RBAC, SSO, and Security features.
- Security: Added Brute Force protection, Device Limits, and Security Webhooks.
- API: Full set of endpoints for Login, Register, Password Reset, and Token Management.
Contributors
Plugin data sourced from WordPress.org. Analysis and metrics by PluginSift.