Wordpress JSON Api Auth

Hello guys.
any tips about using a sort of authentication when calling the official Wordpress JSON Api? My idea is to put a login page and a secret section like “create new post” or “create new comment”.
Thanks.

My initial thoughts are using their oauth service, though I’m completely unfamiliar with their API.