I installed the WP API plugin and OAuth 1 plugin (https://github.com/WP-API/OAuth1) and everything seems to be working. Via Postman I send a request and get this response:
oauth_token=2zDlXOveIobLN9zP6FDxetBc&
oauth_token_secret=mnn6VH6e5GkzzuV42y5lTWYrL6J6lE8H0JbvjHsmGlDHtIuT&
oauth_callback_confirmed=true
I thought I was good to go, but then I was still able to access:
mysite.com/wp-json/wp/v2/post
Is there something else I need to do to restrict unauthorized requests?