Initial public release<\/p>","1.0.2":"
Internationalisation for strings<\/p>","1.0.1":"
Better handling or errors.<\/p>"},"ratings":[],"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":2519495,"resolution":"128x128","location":"assets","locale":""},"icon-256x256.png":{"filename":"icon-256x256.png","revision":2519495,"resolution":"256x256","location":"assets","locale":""},"icon.svg":{"filename":"icon.svg","revision":2527062,"resolution":false,"location":"assets","locale":false}},"assets_banners":[],"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0.3","1.1.0","1.2.0","1.2.1","1.2.2","1.3.0","1.3.1","1.4.0","1.4.1","1.5.0","1.5.1","1.5.2","1.5.3","1.5.4"],"block_files":[],"assets_screenshots":{"screenshot-1.jpg":{"filename":"screenshot-1.jpg","revision":2519495,"resolution":"1","location":"assets","locale":""}},"screenshots":{"1":"This example shows a configuration with a WordPress install behind Cloudflare Access for SSO via JWT"},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[8382,710,38851,602,2469],"plugin_category":[38],"plugin_contributors":[198722],"plugin_business_model":[],"class_list":["post-139973","plugin","type-plugin","status-publish","hentry","plugin_tags-auth","plugin_tags-authentication","plugin_tags-jwt","plugin_tags-login","plugin_tags-sso","plugin_category-authentication","plugin_contributors-andrewheberle","plugin_committers-andrewheberle"],"banners":[],"icons":{"svg":"https:\/\/ps.w.org\/ah-jwt-auth\/assets\/icon.svg?rev=2527062","icon":"https:\/\/ps.w.org\/ah-jwt-auth\/assets\/icon.svg?rev=2527062","icon_2x":false,"generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/ah-jwt-auth\/assets\/screenshot-1.jpg?rev=2519495","caption":"This example shows a configuration with a WordPress install behind Cloudflare Access for SSO via JWT"}],"raw_content":"\n
This plugin allows sign in to WordPress using a JSON Web Token (JWT) contained in a HTTP Header that is added by a reverse proxy\nthat sits in front of your WordPress deployment.<\/p>\n\n
Authentication and optionally role assignment is handled by claims contained in the JWT.<\/p>\n\n
Verification of the JWT is handled by either:<\/p>\n\n
During the login process if the user does not exist an account will be created with a matching role from the JWT.<\/p>\n\n
If the JWT did not contain a role claim then user is created with the role set in the plugin settings (by default this is the subscriber role).<\/p>\n\n\n
By default the plugin looks for the JWT in the However the token may be retrieved from a configurable HTTP header, for example integration with Cloudflare Access would use\nthe The JWT must contain at least an Currently only the HS256 and RS256 alorithms are supported.<\/p><\/dd>\n\n<\/dl>\n\n\nAuthorization<\/code> header as follows:<\/p>\n\nAuthorization: Bearer <JWT Here>\n<\/code><\/pre>\n\nCf-Access-Jwt-Assertion<\/code> header.<\/p><\/dd>\nWhat should the JWT contain?<\/h3><\/dt>\n
email<\/code> claim and may also contain a role<\/code> claim:<\/p>\n\n{\n \"email\": \"admin@example.com\",\n \"role\": \"admin\"\n}\n<\/code><\/pre><\/dd>\nWhat signature algorimths are supported to verify the JWT?<\/h3><\/dt>\n
1.5.4<\/h4>\n\n
\n
1.5.3<\/h4>\n\n
\n
1.5.1<\/h4>\n\n
\n
1.5.0<\/h4>\n\n
\n
1.4.1<\/h4>\n\n
\n
1.3.1<\/h4>\n\n
\n
1.3.0<\/h4>\n\n
\n
1.2.2<\/h4>\n\n
\n
1.2.1<\/h4>\n\n
\n
1.2.0<\/h4>\n\n
\n
1.1.0<\/h4>\n\n
\n
1.0.3<\/h4>\n\n
\n
1.0.2<\/h4>\n\n
\n
1.0.1<\/h4>\n\n
\n
1.0.0<\/h4>\n\n
\n