Redirection API integration into client-side javascript app

Hi there,

I am building a Nuxt JS application as the front-end channel to my WordPress website.

I am currently trying to access a list of all redirects created via the REST API endpoints in the documentation. I am having trouble with authentication engine. The REST API Authentication guide only gives context when using wp_localize_script(). Obviously, given the fact I am building my front-end as a separate application, I can’t utilise that functionality to get a nonce value.

So, what I have done is built a WordPress plugin which will initialise a REST API endpoint (e.g. https://localhost/sandbox/wp-json/custom-wp-api/auth) which returns the following data

return [
    'data' => [
        'nonce' => wp_create_nonce('wp_rest')
    ]
];

I then use that nonce value within my requests to the Redirection API endpoints as per the documentation but I am getting 401 errors. I imagine that is because that nonce is for a non-logged in user.

async getRedirections (nonce) {
  const options = {
    method: 'get',
    url: 'https://localhost/sandbox/wp-json/redirection/v1/redirect/?_wpnonce=' + nonce
  }

  const request = await this.$axios(options)
  console.dir(request)
}

Could you provide some insight into what I should be doing when using WordPress in a headless environment?

I have read via the REST API authentication docs you can use technologies like OAuth1, Application Passwords etc but all of those plugins seem to have limited support and unclear whether they are being maintained to support the latest version of WordPress.

Thanks in advance!