{"id":198510,"date":"2024-07-30T10:56:30","date_gmt":"2024-07-30T10:56:30","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/require-auth-users-rest-endpoint\/"},"modified":"2026-01-13T02:22:53","modified_gmt":"2026-01-13T02:22:53","slug":"require-auth-users-rest-endpoint","status":"publish","type":"plugin","link":"https:\/\/sr.wordpress.org\/plugins\/require-auth-users-rest-endpoint\/","author":12923633,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.0.0","stable_tag":"1.0.0","tested":"6.9.4","requires":"6.5","requires_php":"7.2","requires_plugins":null,"header_name":"Require Auth Users REST Endpoint","header_author":"Sal Ferrarello","header_description":"Restrict \/wp\/v2\/users REST API endpoint routes to authenticated users.","assets_banners_color":"999999","last_updated":"2026-01-13 02:22:53","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/github.com\/salcode\/require-auth-users-rest-endpoint","header_author_uri":"https:\/\/salferrarello.com\/","rating":0,"author_block_rating":0,"active_installs":30,"downloads":1079,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description"],"tags":{"1.0.0":{"tag":"1.0.0","author":"salcode","date":"2026-01-13 02:22:53"}},"upgrade_notice":[],"ratings":[],"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3128061,"resolution":"128x128","location":"assets","locale":""},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3128061,"resolution":"256x256","location":"assets","locale":""},"icon.svg":{"filename":"icon.svg","revision":3128061,"resolution":false,"location":"assets","locale":false}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":3128061,"resolution":"1544x500","location":"assets","locale":""},"banner-772x250.png":{"filename":"banner-772x250.png","revision":3128061,"resolution":"772x250","location":"assets","locale":""}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0.0"],"block_files":[],"assets_screenshots":[],"screenshots":[],"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[1556,710,8713,2299,1917],"plugin_category":[38],"plugin_contributors":[82980],"plugin_business_model":[],"class_list":["post-198510","plugin","type-plugin","status-publish","hentry","plugin_tags-api","plugin_tags-authentication","plugin_tags-endpoint","plugin_tags-rest","plugin_tags-users","plugin_category-authentication","plugin_contributors-salcode","plugin_committers-salcode"],"banners":{"banner":"https:\/\/ps.w.org\/require-auth-users-rest-endpoint\/assets\/banner-772x250.png?rev=3128061","banner_2x":"https:\/\/ps.w.org\/require-auth-users-rest-endpoint\/assets\/banner-1544x500.png?rev=3128061","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":"https:\/\/ps.w.org\/require-auth-users-rest-endpoint\/assets\/icon.svg?rev=3128061","icon":"https:\/\/ps.w.org\/require-auth-users-rest-endpoint\/assets\/icon.svg?rev=3128061","icon_2x":false,"generated":false},"screenshots":[],"raw_content":"<!--section=description-->\n<p>This plugin modifies the <code>\/wp-json\/wp\/v2\/users<\/code> endpoint to require authentication.<\/p>\n\n<p>By default on a WordPress site you can list the users that have posted content on the site by visiting this endpoint.<\/p>\n\n<p>This plugin requires the user to be authenticated to view the list of users.<\/p>\n\n<h3>What this means<\/h3>\n\n<p>If you go directly to the URL <code>\/wp-json\/wp\/v2\/users<\/code> you will get a <code>401 Unauthorized<\/code> response.<\/p>\n\n<p>But if you open a block editor page and run the following from the browser console,<\/p>\n\n<pre><code>await wp.apiFetch({path: 'wp\/v2\/users'});\n<\/code><\/pre>\n\n<p>you will get a list of users (because the <code>wp.apiFetch()<\/code> function authenticates the user's call to the WordPress REST API).<\/p>\n\n<h3>Author<\/h3>\n\n<p>Sal Ferrarello \/ <a href=\"https:\/\/salferrarello.com\">salferrarello.com<\/a><\/p>","raw_excerpt":"Require authentication when accessing the \/wp-json\/wp\/v2\/users REST API endpoint.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/sr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/198510","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/sr.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/sr.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=198510"}],"author":[{"embeddable":true,"href":"https:\/\/sr.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/salcode"}],"wp:attachment":[{"href":"https:\/\/sr.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=198510"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/sr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=198510"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/sr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=198510"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/sr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=198510"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/sr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=198510"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/sr.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=198510"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}