Title: WP REST API Key Authentication Author: Kamal Hosen Published: Siilo 16, 2025 Last modified: Siilo 16, 2025 --- Search plugins ![](https://ps.w.org/rest-api-key-authentication/assets/banner-772x250.png?rev=3223428) This plugin **hasn’t been tested with the latest 3 major releases of WordPress**. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress. ![](https://ps.w.org/rest-api-key-authentication/assets/icon-128x128.png?rev=3223428) # WP REST API Key Authentication By [Kamal Hosen](https://profiles.wordpress.org/ikamal/) [Download](https://downloads.wordpress.org/plugin/rest-api-key-authentication.1.0.zip) * [Details](https://fuc.wordpress.org/plugins/rest-api-key-authentication/#description) * [Reviews](https://fuc.wordpress.org/plugins/rest-api-key-authentication/#reviews) * [Installation](https://fuc.wordpress.org/plugins/rest-api-key-authentication/#installation) * [Development](https://fuc.wordpress.org/plugins/rest-api-key-authentication/#developers) [Support](https://wordpress.org/support/plugin/rest-api-key-authentication/) ## Description **WP REST API Key Authentication** adds a simple API key-based authentication method to the WordPress REST API. This plugin is perfect for developers who want to interact with the REST API securely without relying on complex OAuth authentication mechanisms. ### Key Features: * **Multiple API Keys**: Create and manage multiple API keys with custom names. * **Secure API Key Storage**: API keys are hashed and securely stored in the WordPress database. * **Single Display for Security**: API keys are shown only once after creation. * **REST API Access Control**: Authenticate requests by including an API key in the `Authorization` header. * **Admin Interface**: Manage API keys with a user-friendly admin page. * **Copy to Clipboard Popup**: Easily copy generated API keys with a built-in popup. The plugin is lightweight and integrates seamlessly with WordPress. ### Usage 1. **Generate an API Key**: 2. * Go to **API Keys** in the WordPress admin menu. * Enter a name for the API key and click “Generate API Key”. * The API key will appear in a popup. Copy it immediately, as it will not be displayed again. 3. **Use the API Key**: 4. * Include the API key in the `Authorization` header of your REST API requests: ` Authorization: Bearer YOUR_API_KEY` 5. **Delete API Keys**: 6. * To revoke access, delete an API key from the **API Keys** admin page. ### License This plugin is licensed under the GPLv2 or later. See the License URI for details. ## Screenshots [⌊API Key Management Interface Manage API keys with a simple interface, including options to create and delete keys.⌉⌊API Key Management Interface Manage API keys with a simple interface, including options to create and delete keys.⌉[ **API Key Management Interface** Manage API keys with a simple interface, including options to create and delete keys. [⌊Generated API Key Popup Popup showing the API key after generation, with an option to copy it to the clipboard.⌉⌊Generated API Key Popup Popup showing the API key after generation, with an option to copy it to the clipboard.⌉[ **Generated API Key Popup** Popup showing the API key after generation, with an option to copy it to the clipboard. [⌊REST API Authorization Example Example of how to use the API key in the Authorization header.⌉⌊REST API Authorization Example Example of how to use the API key in the Authorization header.⌉[ **REST API Authorization Example** Example of how to use the API key in the `Authorization` header. ## Installation 1. Download the plugin ZIP file. 2. Go to your WordPress admin dashboard and navigate to **Plugins > Add New**. 3. Click on the **Upload Plugin** button and select the ZIP file. 4. Click **Install Now** and then activate the plugin. 5. Navigate to **API Keys** in the admin menu to start managing your API keys. ## FAQ ### How are API keys stored? API keys are hashed using PHP’s `password_hash` function and stored securely in the WordPress database. The raw key is only shown once upon creation. ### What happens if I lose an API key? If you lose an API key, you must generate a new one. The plugin does not store raw API keys for security reasons. ### How do I authenticate a REST API request? Include the API key in the `Authorization` header using the `Bearer` token format: Authorization: Bearer YOUR_API_KEY ### Can I create multiple API keys? Yes, you can generate multiple API keys with custom names and manage them from the admin interface. ## Reviews There are no reviews for this plugin. ## Contributors & Developers “WP REST API Key Authentication” is open source software. The following people have contributed to this plugin. Contributors * [ Kamal Hosen ](https://profiles.wordpress.org/ikamal/) “WP REST API Key Authentication” has been translated into 1 locale. Thank you to [the translators](https://translate.wordpress.org/projects/wp-plugins/rest-api-key-authentication/contributors) for their contributions. [Translate “WP REST API Key Authentication” into your language.](https://translate.wordpress.org/projects/wp-plugins/rest-api-key-authentication) ### Interested in development? [Browse the code](https://plugins.trac.wordpress.org/browser/rest-api-key-authentication/), check out the [SVN repository](https://plugins.svn.wordpress.org/rest-api-key-authentication/), or subscribe to the [development log](https://plugins.trac.wordpress.org/log/rest-api-key-authentication/) by [RSS](https://plugins.trac.wordpress.org/log/rest-api-key-authentication/?limit=100&mode=stop_on_copy&format=rss). ## Changelog #### 1.0 * Initial release. * Added support for API key creation and deletion. * Added REST API authentication using API keys. * Added popup with “Copy to Clipboard” functionality for generated API keys. ## Meta * Version **1.0** * Last updated **1 year ago** * Active installations **10+** * WordPress version ** 5.0 or higher ** * Tested up to **6.7.5** * PHP version ** 7.2 or higher ** * Languages * [English (US)](https://wordpress.org/plugins/rest-api-key-authentication/) and [Swedish](https://sv.wordpress.org/plugins/rest-api-key-authentication/). * [Translate into your language](https://translate.wordpress.org/projects/wp-plugins/rest-api-key-authentication) * Tags * [access-control](https://fuc.wordpress.org/plugins/tags/access-control/)[api authentication](https://fuc.wordpress.org/plugins/tags/api-authentication/) [API key](https://fuc.wordpress.org/plugins/tags/api-key/)[rest-api](https://fuc.wordpress.org/plugins/tags/rest-api/) [security](https://fuc.wordpress.org/plugins/tags/security/) * [Advanced View](https://fuc.wordpress.org/plugins/rest-api-key-authentication/advanced/) ## Ratings No reviews have been submitted yet. [Your review](https://wordpress.org/support/plugin/rest-api-key-authentication/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/rest-api-key-authentication/reviews/) ## Contributors * [ Kamal Hosen ](https://profiles.wordpress.org/ikamal/) ## Support Got something to say? Need help? [View support forum](https://wordpress.org/support/plugin/rest-api-key-authentication/)