I'm using the JWT Authentication for WP-API plugin (version 1.3.6) to authenticate requests to my WordPress REST API. However, when making requests, instead of getting a JSON response, I receive the full HTML of the website (including the login page).

What I tried:

• Checked responses in Postman and the browser—same issue.

• Verified .htaccess and wp-config.php settings match a working setup.

• Ensured that the JWT token is correctly included in the request headers.

Expected Behavior:

I expect a valid JSON response from the API, not an HTML page.

Steps to Reproduce:

1️⃣ .htaccess Configuration

# BEGIN WordPress
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/wp-json/jwt-auth/v1/token [OR]
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [E=HTTP_AUTHORIZATION:%1]
# END WordPress

2️⃣ wp-config.php Changes

define('JWT_AUTH_SECRET_KEY', 'your_secret_key_here');
define('JWT_AUTH_CORS_ENABLE', true);

3️⃣ Example API Request (Using cURL)

curl -X POST "; \
     -H "Authorization: Bearer YOUR_JWT_TOKEN"

4️⃣ Response I Get (Incorrect)

<!DOCTYPE html>
<html>
<head>...</head>
<body>
  <form method="post" action=".php">...</form>
</body>
</html>

Instead of a JSON response, I receive the WordPress login page in HTML.

Questions:

1. Why is my API redirecting to the login page instead of returning JSON?

2. Could there be a missing configuration causing WordPress to handle the request as a normal page load?

Would appreciate any insights!