'AAM Plugin - Which Capability to assign to role for refreshable Token?
I am using AAM Plugin in our Wordpress instance to be able to use JWT tokens for authentication. We are currently blocked by limited permissions for user roles other than administrator to refresh its token.
In Detail, when calling wp-json/aam/v2/authenticate for user with role administrator and body:
{ "username": "Sampleusername", "password": "Samplepassword", "issueJWT": true, "refreshableJWT": true }
everything works fine and refreshable token is returned, which can be used with endpoint wp-json/aam/v2/jwt/refresh to refresh the token without the need to provide username and password again.
When using a user with any other role than administrator, and the same body parameters (obviously username and password for that respective user), 400 response is returned with message: { "reason": "Current user is not allowed to issue refreshable JWT token" }
We are trying to search for the respective capability to add to the user role in order to enable refreshable tokens, can anyone help ?
Many thanks in advance
Dirk
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|