Tmeister / jwt-client

The jwt-client helps to test the WP REST API authentication using the JWT Authentication for WP REST API on a WordPress installation.

Use JWT Authentication for endpoint "users/me" #63

Closed rowphant closed 1 year ago

rowphant commented 1 year ago

Hey there!

I have a Vue app which uses JWT Authentication for the login process. So far this is working, I get the JWT token in response but: After the login I'd like to query some user details, custom fields etc. (from the user itself), show them in a form and give the user the ability to change fields (E-Mail, first name, last name etc...). WordPress has the endpoint "users/me" which should give back all the fields I need. The problem is I can only access this endpoint with basic authentication, which doesn't make any sense with regard to data security. JWT Authentication (via Bearer token) doesn't work on this endpoint. The response will just look like this:

{
    "code": "invalid_username",
    "message": "<strong>Fehler:</strong> Der Benutzername <strong>{\"typ\"</strong> ist auf dieser Website nicht registriert. Falls du dir über deinen Benutzernamen unsicher bist, versuche es stattdessen mit deiner E-Mail-Adresse.",
    "data": null
}

I'm wondering if WordPress is really that stupid and just not able to handle any sensitive data with care. Is anyone facing the same issues with JWT auth and updating user data?

Tmeister commented 1 year ago

Hi 👋,

The project has an example of retrieving the user's data when we have a valid token.

I hope this is useful!

Best,
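
The username `{"typ"` in the error response above is consistent with the token being handled as Basic credentials: base64-decoding a JWT and splitting at the first colon yields exactly that string. The following is an added example, not code from this thread or from the jwt-client project; the helper names, the `wp.example` host and the unsigned sample token are constructed for illustration, and the lenient Basic parser is an assumption about the server side.

```javascript
// Added example: hypothetical helpers, constructed sample data.
const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');

// Constructed, unsigned sample token (the third segment is a dummy string).
const sampleJwt = [
  b64url({ typ: 'JWT', alg: 'HS256' }),
  b64url({ iss: 'https://wp.example', data: { user: { id: 1 } } }),
  'c2lnbmF0dXJl',
].join('.');

// Models a Basic-scheme parser (RFC 7617): base64-decode the credential,
// then split user:password at the first colon. Characters outside the
// base64 alphabet are dropped first, as a lenient decoder would do.
function parseAsBasic(credential) {
  const cleaned = credential.replace(/[^A-Za-z0-9+/]/g, '');
  const decoded = Buffer.from(cleaned, 'base64').toString('latin1');
  const i = decoded.indexOf(':');
  return i < 0
    ? { username: decoded, password: '' }
    : { username: decoded.slice(0, i), password: decoded.slice(i + 1) };
}

// Reports how an Authorization header value would be interpreted.
function classifyAuthorization(value) {
  const m = /^(\S+)\s+(\S+)$/.exec(value.trim());
  if (!m) return { scheme: null };
  const scheme = m[1].toLowerCase();
  if (scheme === 'basic') return { scheme, ...parseAsBasic(m[2]) };
  if (scheme === 'bearer') return { scheme, segments: m[2].split('.').length };
  return { scheme };
}

// Request a client would send to users/me; baseUrl is a placeholder.
function usersMeRequest(baseUrl, token) {
  return {
    url: `${baseUrl}/wp-json/wp/v2/users/me?context=edit`,
    options: { headers: { Authorization: `Bearer ${token}` } },
  };
}

// A JWT sent (or rewritten) under the Basic scheme becomes a bogus username.
console.log(classifyAuthorization(`Basic ${sampleJwt}`).username);
console.log(classifyAuthorization(`Bearer ${sampleJwt}`));
```

Running `classifyAuthorization` on the exact header value the app sends, and on what the server receives, shows whether the client or something in front of WordPress is putting the token under the Basic scheme.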