header.payload.signature. The header describes the signing algorithm, the payload contains your identity and permissions, and the signature proves the token was issued by WeCareRemote and has not been altered. You do not need to construct tokens yourself — WeCareRemote issues them for you at login.
Obtaining a token
Your JWT token is issued automatically when you log in through the WeCareRemote platform.Log in to WeCareRemote
Sign in at wcr.is/home using your email and password.
Receive your token
On successful login, WeCareRemote issues a JWT token. The token encodes your user identity, role, and permissions.
Using your token in API requests
To fetch your JWT token directly, call the token endpoint:Authorization header on every API request:
Verifying your token
You can verify that your token is valid at any time by calling the verification endpoint. Endpoint:POST https://getme.global/api/v1/wordpress_auth/verify_jwt_token
Request body:
permissions array contains your assigned role — either ["blog"] for refugee users or ["org_admin"] for NGO administrators. See user roles for details on what each role can access.
Token expiry and errors
Common authentication errors:| Status | Meaning |
|---|---|
401 Unauthorized | Your token is missing, malformed, or expired. Re-authenticate to get a fresh token. |
403 Forbidden | Your token is valid but your role does not have permission to access the requested resource. |