WP REST API - User registration without authentication

Question

I am just starting out with using the WP REST API. For authentication, I use JSON Web Tokens.

The only question I have is how I can give users the possibility to register by themselves, since registering a user also requires an authentication key.

Since the user has not yet logged in, this key cannot yet be retrieved.

I came up with the following two options, but cannot figure out how to do either of them.

1. The application itself has an authorization key with which the request can be made.
2. Disabling authentication requirement for user creation.

If I'm looking at this in the wrong way, any answers are welcome!

Thanks!

Answer 1

If your application is a web page then the easiest is to do this separately from the WordPress REST API. WordPress has a web page http://aaa.bbb.ccc/wp-login.php?action=register that allows you to register new users. To enable this web page check the Dashboard -> Settings -> General -> Membership -> 'Anyone can register' option.

If your application is a mobile app then your mobile can just sent the same HTTP request that http://aaa.bbb.ccc/wp-login.php?action=register sends. I.E. a POST request with query parameter action=register with POST parameters user_email, user_login, wp-submit=Register.

If you really insists on doing this using the REST API I think the following will work. (Disclaimer: I have not actually implemented this.)

You will need to override the WordPress REST authentication. First create a new role with the capability 'create_users'. Second create a user with this role. Create a nonce that specifies that a new user is to be registered. When your app returns this nonce and the user credentials to the http://aaa.bbb.ccc/wp-json/wp/v2/users endpoint you should override the WordPress authentication to set the current user to the user you created with the role 'create_users'.