Set up AccountKit
AccountKit by Facebook makes it possible to authenticate users by their email-address or phone number - no need for passwords.
- Install and activate this plugin
- Create a Facebook developer account
- Create a new Facebook app for websites. You will receive an app id that we will need later
- In your WordPress backend go to "Settings" -> "JWT" -> "Account-Kit"
- Activate the authentication method
- Enter you Facebook app id
- Enter you AccountKit app secret (Go to the facebook dashboard of your app and select "Account Kit")
- In order to use Account Kit as an authentication method for WordPress, you have to set the checkbox for creating new users if no matching account was found.
After the setup accountkit is ready to use for your WordPress Rest API. In order to receive a JSON Web Token that you will have to use to access endpoints you have to make the following HTTP request:
GET YOUR_URL/wp-json/wp-jwt/v1/login?method=account_kit&token=YOUR_TOKEN
| Parameter | Value | Description |
|---|---|---|
| method (required) | account_kit | auth method |
| token (required) | access-token | the access-token you receive from the accountkit sdk you are using in your app |
| set_wp_cookie | true/false | if true wp auth cookies are created and the user can access the backend |
| redirect_to | URL | Location the user gets redirected to on success |
On success you will receive a JSON Web Token. Whenever you make a request to secure endpoints you have to send this token via the authorization header.
POST /wp-json/endpoint HTTP/1.1
Host: YOUR_DOMAIN
Authorization: Bearer TOKEN_HERE
Instead of using this plugin for the Rest API you can use AccountKit as an alternative login/registration method for your WordPress site.
- In your backend go to "Settings" -> "JWT" -> "Account-Kit"
- Under "Account-Kit Login-Buttons" you can choose between login via email or phone number, or you can use both.
- Now you will see new buttons on your login page
/wp-login.php
