[ad_1]
Hi all.
I have created a headless WordPress site, so i can use it as a CMS for an Angular App. The data is requested in angular via an ExpressJS backend. I have other things going on in express, but im also using it to do api calls to WP.
This is all working fine, but i want to lock down the WP API so that only my express server can make the calls. I assume some type of token would be the way to go. The token could then be saved in the .env file for express and i can pass it to all WP API calls.
I have tried a few plugins, but no joy. Has anyone here done this? If so, how did you go about doing it?
Thanks in advance
[ad_2]