403 jwt_auth_no_auth_header with nginx / kinsta

  • Resolved jbeumer

    (@jbeumer)


    4 years, 2 months ago

    Hi,

    I installed the plugin and entered the settings in the wp-config file, but I don’t have any .htaccess file with Kinsta hosting because they are running nginx.
    Kinsta helped me out by adding fastcgi_pass_header Authorization; which is the nginx equivalent to the .htaccess rules that are mentioned in the documentation.
    So I guess there is something else wrong, I’m making a post-request with postman to get my token and this is my requesturl:

    https://mysite.nl/wp-json/JWT-AUTH/V1/TOKEN?username=usernameofadmin&password=mypassword

    and this is the result:

    {
    "success": false,
    "statusCode": 403,
    "code": "jwt_auth_no_auth_header",
    "message": "Authorization header not found.",
    "data": []
}

    I’ve used the username and password of a WP admin user, because I see no option to add a user in the plugin. Could you point me in the right direction?

    • This topic was modified 4 years, 2 months ago by jbeumer.
Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Bagus

    (@contactjavas)

    Hi @jbeumer , thanks for posting the question.

    To get the token, you need to submit POST (not GET) request to https://mysite.nl/wp-json/jwt-auth/v1/token

    You need to put your username & password to the Body tab instead of Params tab. Your code above indicates that you put the username & password into the Params tab. Please put it to the Body -> form-data

    Thread Starter jbeumer

    (@jbeumer)

    Thanks a lot, putting it in the body and changing /JWT-AUTH/V1/TOKEN to lowercase did the trick!

    @contactjavas I’m curious, the docs mention passing the username and password as a parameter – isn’t that normally considered a query arg or am I misunderstanding?

    To generate token, submit a POST request to this endpoint. With username and password as the parameters.

    Your mention of including it in the body helped me with my issue. Am I misunderstanding how this works or is there more to it?

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘403 jwt_auth_no_auth_header with nginx / kinsta’ is closed to new replies.