Tmeister / wp-api-jwt-auth

A simple plugin to add JSON Web Token (JWT) Authentication to WP REST API
GNU General Public License v2.0

Generating a token works fine but fails when validating #294

Closed Steverino541 closed 10 months ago

Steverino541 commented 10 months ago

Issue Name

Prerequisites

Please answer the following questions for yourself before submitting an issue.

Context

Please provide any relevant information about your setup. This is important in case the issue is not reproducible except for under certain conditions.

Expected Behavior

After generating a JWT token I should be able to validate that token and also be able to create posts

Current Behavior

I am able to generate a token but when I request the validation endpoint I get the following error:

{ "code": "jwt_auth_bad_config", "message": "JWT is not configured properly, please contact the admin", "data": { "status": 403 } }

And I cannot perform any creation or editing actions because I get the same message

Failure Information (for bugs)

Please help provide information about the failure if this is a bug. If it is not a bug, please remove the rest of this template.

Steps to Reproduce

Please provide detailed steps for reproducing the issue.

  1. Install and activate JWT Authentication for WP-API
  2. The .htaccess file is modified to look like this between the BEGIN and END WORDPRESS:

     ```
     RewriteEngine On
     RewriteCond %{HTTP:Authorization} ^(.*)
     RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
     RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
     RewriteBase /
     RewriteRule ^index\.php$ - [L]
     RewriteCond %{REQUEST_FILENAME} !-f
     RewriteCond %{REQUEST_FILENAME} !-d
     RewriteRule . /index.php [L]
     ```

  3. Add the following to wp-config.php:

     ```
     //* Define JWT auth key /
     define( 'JWT_AUTH_SECRET_KEY', 'my_key' );
     define('JWT_AUTH_CORS_ENABLE', true);
     ```

  4. Run a postman request against http://localhost:3000/wp-json/jwt-auth/v1/token?username=myadminuser&password=mypass

  5. Run a request against http://localhost:3000/wp-json/jwt-auth/v1/validate with the Bearer Token set to the token that was generated

Failure Logs

Please include any relevant log snippets or files here.

Steverino541 commented 10 months ago

I solved it with this answer https://stackoverflow.com/a/69300300, I had to move the JWT_AUTH_SECRET_KEY definition to above require_once ABSPATH . 'wp-settings.php'; and then it worked 🙂
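
A check for the ordering problem described in the last comment, as an added example that is not part of the original thread or the plugin: it reports whether `JWT_AUTH_SECRET_KEY` is defined before the `wp-settings.php` include, ignoring commented-out defines. The function names and the sample `wp-config.php` contents are constructed for illustration.

```python
import re

# define('JWT_AUTH_SECRET_KEY', ...) with either quote style
DEFINE_RE = re.compile(r"""define\s*\(\s*['"]JWT_AUTH_SECRET_KEY['"]\s*,""")
# require_once ABSPATH . 'wp-settings.php';  (the WordPress bootstrap include)
SETTINGS_RE = re.compile(r"require(?:_once)?\b[^;]*wp-settings\.php")
# Group 1: string literals (kept). Group 2: /* */, // and # comments (blanked).
TOKEN_RE = re.compile(
    r"""('(?:\\.|[^'\\])*'|"(?:\\.|[^"\\])*")|(/\*.*?\*/|//[^\n]*|\#[^\n]*)""", re.S)

def strip_php_comments(src):
    """Blank out comments but keep newlines, so line numbers stay valid."""
    def repl(m):
        return m.group(1) if m.group(1) else re.sub(r"[^\n]", " ", m.group(2))
    return TOKEN_RE.sub(repl, src)

def check_wp_config(src):
    """Return (status, define_line, settings_line) for a wp-config.php source."""
    code = strip_php_comments(src)
    line_of = lambda m: code.count("\n", 0, m.start()) + 1 if m else None
    d, s = DEFINE_RE.search(code), SETTINGS_RE.search(code)
    if d is None:
        return ("missing", None, line_of(s))
    # Code placed after the include runs only once WordPress has finished loading.
    if s is not None and d.start() > s.start():
        return ("defined-too-late", line_of(d), line_of(s))
    return ("ok", line_of(d), line_of(s))

# Constructed sample: the secret is defined after the bootstrap include.
BROKEN = """<?php
define( 'DB_NAME', 'wordpress' );
/* That's all, stop editing! */
require_once ABSPATH . 'wp-settings.php';
define( 'JWT_AUTH_SECRET_KEY', 'my_key' );
define( 'JWT_AUTH_CORS_ENABLE', true );
"""
# Constructed sample: the same file after moving the define above the include.
FIXED = """<?php
define( 'DB_NAME', 'wordpress' );
// define( 'JWT_AUTH_SECRET_KEY', 'old' );
define( 'JWT_AUTH_SECRET_KEY', 'my_key' );
define( 'JWT_AUTH_CORS_ENABLE', true );
/* That's all, stop editing! */
require_once ABSPATH . 'wp-settings.php';
"""

if __name__ == "__main__":
    for name, src in (("BROKEN", BROKEN), ("FIXED", FIXED)):
        print(name, check_wp_config(src))
```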