React + Wordpress + Woocommerce REST API 401 - get products without AUTH


Staff member
I am building a webshop with React, Wordpress v4 and <a href="" rel="nofollow noreferrer">Woocommerce Rest api v2</a>.

I am a bit confused on how to proceed with authentication. I understand that for some requests like place an order or create a new product I need to authenticate.

But I also need to be able to just retrieve all products for a customer who visits the site for the first time and just wants to browse through all our products.
What is the best practice here?

My thoughts are:

<li>Create a public, separate layer with PHP or Node which securely stores the Woocommerce API keys and provides public endpoints (only
, i.e.
GET /products
<li>Access those endpoints via JS/React and render the products</li>
<li>Create another separate layer for placing orders which requires the costumer to authenticate (i.e.
POST /orders

Also, instead of adding a separate layer I could use the Wordpress function <a href="" rel="nofollow noreferrer">
add_action( 'rest_api_init',...

Is there a better way to do it or am I missing something? Or can I retrieve the Woocommerce Products somehow via the Wordpress API endpoints without api keys?