If you’re integrating the WordPress REST API and using the JWT Authentication plugin for WP REST API, you might run into a common issue: although you’re able to obtain a token successfully, trying to fetch user data via the /wp-json/wp/v2/users/me endpoint returns the following error:
{
“code”: “jwt_auth_bad_config”,
“message”: “JWT is not configured properly, please contact the admin”,
“data”: {
“status”: 403
}
}
Cause of the Issue
This error typically occurs due to incorrect placement of the JWT configuration constants in your wp-config.php file. The plugin expects certain constants—such as your JWT secret key and CORS-related headers—to be defined before WordPress is fully loaded.
✅ Solution
To fix this issue, follow these steps:
- Open your wp-config.php file.
- Move the JWT-related constants to the top of the file, immediately after the opening <?php tag, and before the line that says /* That’s all, stop editing! Happy publishing. */.