Nox Downloads

Customer Area Shop Now

Getting Started

Step-by-step setup and troubleshooting guidance for premium WordPress plugins and licensing workflows.

Nox App Connect Version 1.0.0 3 minutes read Updated 3 days ago

This guide walks you through setting up Nox App Connect for the first time.

By the end, you will have:

  • The plugin installed and configured
  • The API enabled
  • Your first client created
  • A working token request

This section assumes a fresh WordPress installation.

Requirements

Before you begin, make sure you have:

  • WordPress installed and running
  • Administrator access to your site
  • HTTPS enabled (required for secure authentication)

Step 1: Install and Activate the Plugin

  1. Upload the Nox App Connect plugin to your WordPress site
  2. Go to Plugins → Installed Plugins
  3. Click Activate

Expected Result

  • A new menu item called App Connect appears in your WordPress admin

Step 2: Configure the Token Secret

Nox App Connect requires a secure token secret to issue tokens.

Option A: Add Manually (Recommended)

Open your wp-config.php file and add:

define('AC_TOKEN_SECRET', 'your-random-secure-string');

Use a long, random string.

Option B: Use Plugin Setup

  • Go to App Connect → Settings
  • Follow the setup prompt to generate a secret

Expected Result

  • The plugin is able to issue tokens securely

Reference: Required server setup

Step 3: Enable the API

  1. Go to App Connect → Settings → Basic
  2. Enable the API

Expected Result

  • The token and authorization endpoints become available

Step 4: Enable Grant Types

Grant types control how applications authenticate.

  1. Go to App Connect → Settings → Grant Types
  2. Enable at least one grant type:

Recommended:

  • Authorization Code (with PKCE) → best for user login flows
  • Client Credentials → best for server-to-server integrations

Important Behavior

  • Disabled grant types cannot be used
  • Existing tokens using a disabled grant are revoked

Step 5: Configure Token Settings (Optional)

Go to App Connect → Settings → Tokens

You can adjust:

  • Access token lifetime
  • Refresh token behavior
  • JWT mode (advanced)

For most setups, the default settings are fine.

Step 6: Create Your First Client

A client represents an external app connecting to your site.

  1. Go to App Connect → Clients
  2. Click Add New Client
  3. Configure:
    • Name: Example “My App”
    • Grant Types: Select one you enabled earlier
    • Access Mode:
      • Start with restricted for safety
    • Redirect URIs (for Authorization Code only)
      • Must match exactly
  4. Save the client

Expected Result

  • A Client ID is generated
  • A Client Secret is generated (for confidential clients)

Step 7: Test a Token Request

Now verify everything is working.

Example: Client Credentials Request

curl -X POST "https://your-site.com/wp-json/app-connect/v1/token" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -u "CLIENT_ID:CLIENT_SECRET" \
  --data-urlencode "grant_type=client_credentials"

Expected Response

{
  "token_type": "Bearer",
  "access_token": "...",
  "expires_in": 3600
}

Step 8: Use the Token

Use the access token to call the WordPress REST API.

Example: Get Current User

curl "https://your-site.com/wp-json/wp/v2/users/me" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN"

Expected Result

  • You receive a valid JSON response from WordPress