WordPress JSON API nonces and Vue development server


As stated in the official docs, the JSON API CSRF protection only works from within WordPress.

It is important to keep in mind that this authentication method relies on WordPress cookies. As a result this method is only applicable when the REST API is used inside of WordPress and the current user is logged in. In addition, the current user must have the appropriate capability to perform the action being performed.

Which means anytime I start a Vue development server to build my Vue app, the API will refuse my requests, as there’s no WP environment that could provide me with a nonce that I could then pass to the API. Anybody found a workaround for that problem?

Michael 4 months 0 Answers 18 views 0

Leave an answer