> ## Documentation Index > Fetch the complete documentation index at: https://docs.jwtauth.pro/llms.txt > Use this file to discover all available pages before exploring further. # Overview > JWT Auth Pro is a premium WordPress plugin that provides secure, robust, and developer-friendly JWT (JSON Web Token) authentication for WordPress REST API. ## Key Features Complete authentication flow with token generation, validation, and refresh mechanisms Advanced token lifecycle with refresh tokens, expiration control, and family tracking Rate limiting, IP tracking, and token revocation Monitoring of token usage, API requests ## How It Works JWT Auth Pro implements a secure OAuth 2.0 compliant authentication flow. Here's how the authentication process works in your WordPress application: Client sends credentials to the authentication endpoint to obtain JWT tokens Use the JWT token to authenticate REST API requests via Authorization header Use refresh token to obtain new access tokens without re-authentication Revoke tokens on logout or when compromised to ensure security Track and manage tokens through the analytics dashboard ## Security Best Practices JWT Auth Pro comes with built-in security features to protect your WordPress application. Here are the key security measures you should be aware of: Automatic token revocation on password/email changes Automatic token revocation on user deletion Manual token revocation via API endpoint Configurable token expiration times Secure refresh token rotation