Basic Autentication with WP REST API 2

  • Hi there.
    I’m trying to make some tests running WP REST API on WordPress 4.7.5

    As far as I know, this version of WP has the Rest Api embedded. In fact I managed to send a GET request without any problem.
    Problem is making POST/DELETE requests, that need an authentication to be processed.

    I read a lot about it, but unfortunately everybody talks about previous versions of WP and says that I need a plugin (that’s not needed… I know).

    I started with Basic Authentication, using Google Chrome Postmaster (to be sure that the request id formally correct), sending a string base64 encoded, containing “user:password” couple.
    Server returns a string like “401 – user cannot create”.
    Off course I’m using ad admin user with full privileges!

    I tried to modify my .htaccess, and I followed many other guides and tricks. No way! ??
    Seems like version 4.7.5 of WP does not allow Basic Authentication.

    I also tried to make te same call via Ajax… same result!

    Is there anybody here, that faced the same issue?

    Thanks

Viewing 1 replies (of 1 total)
  • Moderator bcworkz

    (@bcworkz)

    Let’s not call REST authentication “Basic”, Basic Authentication is something you set up through Apache/.htaccess that applies to any file access, not just REST. With the REST API, the default authentication is cookie based. It is a pretty basic method, but the term “basic” can be confusing.

    And you’re right, REST API is now built in to WP, no plugin needed for cookie authentication. You will need a plugin for any other type of authentication. Not for REST itself, just for different authentication methods. With cookie authentication, any privileged REST request you make, like creating or deleting a post for example, requires a user with that capability to be currently logged in through the client making the request so the cookie data is sent with the request for verification. I’m not familiar with Postmaster, I believe it can somehow receive and send cookie data. First send a successful login request, then the REST request and all should be fine.

Viewing 1 replies (of 1 total)
  • The topic ‘Basic Autentication with WP REST API 2’ is closed to new replies.