The following guide is for getting access tokens for your users. Both the Login Request and Create Account request will return access tokens which can then be used to access the WP Video Membership REST API endpoints.
Before you can request access tokens for your users, you first need to get an Auth Token.
See our guide on Getting An Auth Token >
Create Account Request
Once you've retrieved a token from the /auth endpoint, you will need to make a second POST request to:
{your-domain}/wp-json/wpvs-memberships/v1/signup
You need to include the token from the previous request, along with a new_user_email parameter in the Body of your POST request:
token={token}
new_user_email={a valid email address}
Optional Parameters
The following are optional parameters you can include in your POST request.
Notes:
- If the new_username parameter is excluded from your request, the new users email address will be used as the username.
- If the new_user_password parameter is excluded from your request, WordPress will automatically create a new password for the user and send them an email with their new account details.
new_username={username}
new_user_password={password}
confirm_user_password={confirm_password} // required if new_user_password is set
first_name={firstname}
last_name={lastname}
On a successful request, you will receive a JSON response with the following variables:
{
token: {access-token},
refresh_token: {refresh-token},
expires: {expire-date}
}
Login Request
Once you've retrieved a token from the /auth endpoint, you will need to make a second POST request to:
{your-domain}/wp-json/wpvs-memberships/v1/login
You need to include the token from the previous request, along with the username and password in the Body of your POST request:
token={token}
username={username}
pass={password}
On a successful request, you will receive a JSON response with the following variables:
{
token: {access-token},
refresh_token: {refresh-token},
expires: {expire-date}
}
Notes:
- Access Tokens expire after one day (24 hours). Make sure you store your refresh_token in order to get a new Access Token. Expired Access Tokens will result in invalid requests.
- Make sure that you request and use unique Access Tokens for each User. This is done automatically using the process above.
Refreshing Access Tokens
If you make a request to an endpoint such as {your-domain}/wp-json/wp/v2/wpvsvideos with an invalid or expired token, a JSON variable wpvs_rest_error will be returned:
Invalid Token response:
{
wpvs_rest_error: "Invalid token"
}
Expired Token response:
{
wpvs_rest_error: "Token expired"
}
- If you receive an Invalid token response, you will need to go through the Authentication and Login process again to retrieve a new token.
- If you receive a Token expired response, you can do a POST request to the following endpoint:
{your-domain}/wp-json/wpvs-memberships/v1/refresh
You need to include the refresh_token (which you should have stored from the initial Access Token Request) as a Header in your request:
WPVS-RefreshToken: {stored_refresh_token}
In addition, you need to include the username and password in the Body of your POST request:
username={username}
pass={password}
On a successful request, you will receive a JSON response with the following variables:
{
token: {access-token},
refresh_token: {refresh-token},
expires: {expire-date}
}
The refresh_token should be the same as the one already stored. The token and expires date will be updated.
Comments
0 comments
Article is closed for comments.