REST API Keys
WPLM’s REST API uses HTTP Basic authentication with per-key scoped credentials. Consumer keys are hashed in the database — only the truncated tail is displayed after creation.
Generate a key
Section titled “Generate a key”- Go to License Manager → Settings → REST API.
- Click Add Key.
- Set a Description (e.g. “My Plugin SDK”), choose a User, and set Permissions (
read,write, orread_write). - Click Generate API Key.
- Copy the Consumer Key and Consumer Secret — they are shown only once.
Authenticate requests
Section titled “Authenticate requests”Use HTTP Basic authentication:
# Using -u shorthandcurl https://yoursite.com/wp-json/wplm/v1/licenses \ -u "ck_xxxxxxxxxxxx:cs_xxxxxxxxxxxx"
# Or as a headercurl https://yoursite.com/wp-json/wplm/v1/licenses \ -H "Authorization: Basic $(echo -n 'ck_xxx:cs_xxx' | base64)"Permission scopes
Section titled “Permission scopes”| Scope | Access |
|---|---|
read | GET endpoints only — list, retrieve, validate |
write | POST/PUT/DELETE — create, update, activate, revoke |
read_write | Full access |
Client-facing endpoints (/validate, /activate, /deactivate, /heartbeat, /crl, /public-key) are public — no API key required.