apply_filters( 'rest_authentication_errors', WP_Error|null|bool )

Filters REST authentication errors.


This is used to pass a WP_Error from an authentication method back to the API.

Authentication methods should check first if they’re being used, as multiple authentication methods can be enabled on a site (cookies, HTTP basic auth, OAuth). If the authentication method hooked in is not actually being attempted, null should be returned to indicate another authentication method should check instead. Similarly, callbacks should ensure the value is null before checking for errors.

A WP_Error instance can be returned if an error occurs, and this should match the format used by API methods internally (that is, the status data should be used). A callback can return true to indicate that the authentication method was used, and it succeeded.


WP_Error if authentication error, null if authentication method wasn't used, true if authentication succeeded.


File: wp-includes/rest-api/class-wp-rest-server.php

View on GitHub


Version Description
WP-4.4.0 Introduced.