diff --git a/includes/api/class-wc-rest-authentication.php b/includes/api/class-wc-rest-authentication.php
index b311c699509..e10835c3f49 100644
--- a/includes/api/class-wc-rest-authentication.php
+++ b/includes/api/class-wc-rest-authentication.php
@@ -23,6 +23,25 @@ class WC_REST_Authentication {
 		add_filter( 'rest_post_dispatch', array( $this, 'send_unauthorized_headers' ), 50 );
 	}
 
+	/**
+	 * Check if is request to our REST API.
+	 *
+	 * @return bool
+	 */
+	protected function is_request_to_rest_api() {
+		if ( empty( $_SERVER['REQUEST_URI'] ) ) {
+			return false;
+		}
+
+		// Check if our endpoint.
+		$woocommerce = false !== strpos( $_SERVER['REQUEST_URI'], 'wp-json/wc/' );
+
+		// Allow third party plugins use our authentication methods.
+		$third_party = false !== strpos( $_SERVER['REQUEST_URI'], 'wp-json/wc-' );
+
+		return apply_filters( 'woocommerce_rest_is_request_to_rest_api', $woocommerce || $third_party );
+	}
+
 	/**
 	 * Authenticate user.
 	 *
@@ -31,7 +50,7 @@ class WC_REST_Authentication {
 	 */
 	public function authenticate( $user_id ) {
 		// Do not authenticate twice and check if is a request to our endpoint in the WP REST API.
-		if ( ! empty( $user_id ) || isset( $_SERVER['REQUEST_URI'] ) && false === strpos( $_SERVER['REQUEST_URI'], 'wp-json/wc' ) ) {
+		if ( ! empty( $user_id ) || ! $this->is_request_to_rest_api() ) {
 			return $user_id;
 		}