WP_REST_Server::check_authentication(): WP_Error|null|true

In this article

Checks the authentication headers if supplied.

Return

WP_Error|null|true WP_Error indicates unsuccessful login, null indicates successful or no authentication provided

Source

public function check_authentication() {
	/**
	 * Filters REST API authentication errors.
	 *
	 * This is used to pass a WP_Error from an authentication method back to
	 * the API.
	 *
	 * Authentication methods should check first if they're being used, as
	 * multiple authentication methods can be enabled on a site (cookies,
	 * HTTP basic auth, OAuth). If the authentication method hooked in is
	 * not actually being attempted, null should be returned to indicate
	 * another authentication method should check instead. Similarly,
	 * callbacks should ensure the value is `null` before checking for
	 * errors.
	 *
	 * A WP_Error instance can be returned if an error occurs, and this should
	 * match the format used by API methods internally (that is, the `status`
	 * data should be used). A callback can return `true` to indicate that
	 * the authentication method was used, and it succeeded.
	 *
	 * @since 4.4.0
	 *
	 * @param WP_Error|null|true $errors WP_Error if authentication error, null if authentication
	 *                                   method wasn't used, true if authentication succeeded.
	 */
	return apply_filters( 'rest_authentication_errors', null );
}

Hooks

apply_filters( ‘rest_authentication_errors’, WP_Error|null|true $errors )

Filters REST API authentication errors.

Changelog

VersionDescription
4.4.0Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.