authentication – REST API Integration without user account?
We have a public WP site, but we want to move/archive legacy content to only be accessible from behind authentication of an existing custom web app (that uses asp.net identity, if it’s relevant).
Initially I was thinking we could use JWT authentication to a REST API but JWT auth requires an existing WP account and the options of either…
- Creating WP accounts for every user of existing web app (thousands)
- Having all authenticated users access WP under the context of a service account (this seems bad)
both seem like bad/wrong solutions.
I’m really just looking for best practices for a 1-way integration for authenticated users from our app to read/access content (documents, posts, etc) from a private wordpress site. Custom app has a CMS already, so not looking to replace it with wordpress, just integrate it.
Is this approach worth the effort, or would it be advisable to just migrate content to our platform to avoid the hassle?