1. Generate Auth Header
2. Endpoint Configuration
3. iPaaS HTTP Request Settings
Fix WP REST API 401 Unauthorized errors. Instantly generate Base64 Basic Auth headers and JSON payloads for Make.com, n8n, and custom HTTP webhooks safely in your browser.
If you are trying to automate Programmatic SEO (generating articles via AI) or sync your Airtable database to a WordPress directory, the native WordPress modules in Zapier and Make.com will only get you 80% of the way there.
When you need to update Advanced Custom Fields (ACF), manipulate Yoast SEO metadata, or trigger Custom Post Types, you must bypass the standard modules and make a raw HTTP request directly to the WordPress REST API.
The #1 reason these HTTP requests fail is a 401 Unauthorized error. This happens because WordPress requires a very specific Base64-encoded string for authentication. Use the secure, client-side generator above to instantly convert your Application Password into the exact HTTP header required by Make.com and n8n.
How WordPress Application Passwords Work
You should never use your actual WordPress admin password in an automation tool. If your Zapier account is compromised, the attacker has full control over your website.
Instead, you must generate an Application Password:
- Log into your WordPress Admin Dashboard.
- Go to Users > Profile.
- Scroll down to the “Application Passwords” section.
- Enter a name (e.g., “Make.com Automation”) and click Add New Application Password.
- WordPress will generate a 16-character string (e.g.,
abcd efgh ijkl mnop).
Note: You can revoke this specific password at any time without changing your main admin password, instantly cutting off the automation tool’s access.
Fixing the 401 Unauthorized Error (Base64 Encoding)
When you set up an HTTP Request node in your automation tool, you cannot just paste abcd efgh ijkl mnop into the password field.
The standard HTTP protocol requires Basic Authentication. This means your username and your application password must be joined by a colon (username:password) and then mathematically converted into a Base64 String.
If your username is admin and your password is 1234, the Base64 encoded result is YWRtaW46MTIzNA==.
You must then pass this string to WordPress inside the HTTP Headers like this:
- Key:
Authorization - Value:
Basic YWRtaW46MTIzNA==
Our tool above strips the spaces from your Application Password, runs the Base64 math locally in your browser, and generates the exact copy-pasteable Value string.
Updating Custom Meta and ACF via the REST API
Once you have successfully authenticated, the next hurdle is formatting your JSON payload correctly.
By default, the WordPress REST API only accepts core fields like title, content, status, and author.
Updating Advanced Custom Fields (ACF)
If you have the ACF to REST API plugin installed (or are using ACF Pro), you can update custom fields by passing a nested "acf" object in your JSON body. (Select “Update ACF / Custom Meta” in the tool above to see the exact syntax).
Updating Yoast SEO or RankMath Meta Data
To programmatically update your SEO titles and meta descriptions via Make.com or n8n, you must update the post’s hidden meta keys.
To do this, you must first ensure that your target meta keys are registered in the REST API. You can do this by adding a small snippet to your functions.php file:
Php
// Expose Yoast Meta Description to REST API
register_post_meta('post', '_yoast_wpseo_metadesc', array(
'show_in_rest' => true,
'single' => true,
'type' => 'string',
));
Once registered, you can pass "meta": { "_yoast_wpseo_metadesc": "Your AI generated text" } directly into the JSON payload of your automation tool.
Are your custom post types failing to update? If you are building complex programmatic SEO architectures on WordPress, stop wrestling with API endpoints. Download our complete Make.com to WordPress Advanced Custom Fields synchronization blueprint. (Insert your newsletter opt-in or lead magnet link here)