How to Install and Configure WordPress JWT Auth Plugin?

JWT Auth Plugin lets WordPress authenticate users from mobile apps.
Install the JWT Auth Plugin and activate it from your dashboard.

To configure the JWT Auth Plugin follow the steps below:
1) Edit the .htaccess file and add the following lines to it.
RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) – [E=HTTP_AUTHORIZATION:%1]
You have to use the File Manager of WordPress to edit the .htaccess file.
If you are using the services of a website hosting provider e.g. Dream Host, then they have their own file manager to manage WordPress files, you can use their file manager to locate and edit .htaccess file.
Open the file Manager and it will list all your WordPress files. You should see a few folders, open the folder with name of your site, eg. (
You will see the .htaccess file in this folder e.g. ( Open and edit the .htaccess file and add the above lines to it.
If you notice that “RewriteEngine On” line already exists then insert the lines below it, just below RewriteEngine On, it’s important that we follow the sequence.
Most of the shared hosting have disabled the HTTP Authorization Header by default and this enables it.
If you need any help on how to locate and use the File Manager, do get in touch with support team of your WordPress hosting provider.

2) Continue to edit the .htaccess file and add the follow line to it.
SetEnvIf Authorization “(.*)” HTTP_AUTHORIZATION=$1
Just add it below the 3 lines that you added in Step 1
This enables the WPENGINE.

After completion of Step 1 and 2 your .htaccess file should look somewhat like as shown below.
# BEGIN WordPress
# The directives (lines) between “BEGIN WordPress” and “END WordPress” are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.

RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) – [E=HTTP_AUTHORIZATION:%1]
SetEnvIf Authorization “(.*)” HTTP_AUTHORIZATION=$1
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# END WordPress

3) Edit the wp-config.php file and add Secret Key that is used to authenticate.
To add the secret key edit the wp-config.php file and add the following line.
define(‘JWT_AUTH_SECRET_KEY’, ‘your-top-secret-key’);

You can replace the string “your-top-secret-key” with a key from here ->
After you edit the above files and add the above lines do save the file.
The wp-config.php file is in the same folder where .htaccess file is.

After you have configured the JWT Auth Plugin as mentioned above and saved the files, you can sign in to WordPress with your credentials from Notewrap.

Leave a Reply