diff --git a/ai-authenticate-rest-api.php b/ai-authenticate-rest-api.php
index aa76d2cd1d59fca57be957b025ad73e5aae4d54d..50bf040e48ed4cec2288595f56ef7c76ecd8efef 100644
--- a/ai-authenticate-rest-api.php
+++ b/ai-authenticate-rest-api.php
@@ -10,11 +10,12 @@
  * License URI: http://opensource.org/licenses/MIT
  */
 
-function ai_authenticate_rest_api_is_well_known_request() {
+function ai_authenticate_rest_api_is_wp_rest_api_request() {
+    // Identify "core" WP REST API requests, by their URL prefix.
     return strncmp(
         $_SERVER['REQUEST_URI'],
-        '/.well-known/',
-        strlen('/.well-known/')) == 0;
+        '/wp/v2/',
+        strlen('/wp/v2/')) == 0;
 }
 
 add_filter('rest_authentication_errors', function($result) {
@@ -25,9 +26,10 @@ add_filter('rest_authentication_errors', function($result) {
     }
  
     // No authentication has been performed yet.
-    // Return an error if user is not logged in.
+    // Return an error if user is not logged in, but only if we
+    // think the request is for the main WP REST API.
     if (!is_user_logged_in() &&
-        !ai_authenticate_rest_api_is_well_known_request()) {
+        ai_authenticate_rest_api_is_wp_rest_api_request()) {
         return new WP_Error(
             'rest_not_logged_in',
             __('You are not currently logged in.'),