Disabled REST API with Application Passwords?

  • Hi Team,

    So I am trying to make a GET call from Zapier to a WordPress site which has Cerber installed.

    I have REST API disabled with exceptions:

    • Logged In Users
    • Administrator

    I have setup a Application Password for the administrator and I am trying to send this GET request with the user|application password in basic authorization however I am getting ‘Forbidden’ response.

    If I turn off Disable REST API it works.

    We need this Disable REST API to also acknowledge that the call is coming from an Authorised user’s credentials. Not just logged in user.

    I don’t want to enable the REST API to public users, only to those who include their User and Application Password Authorisation.

    Do you have a suggested method to allow this?

    I am trying to do a simple call on a media ID using /wp-json/wp/v2/media/%id%

    • This topic was modified 2 years, 1 month ago by ALPS I.T..
Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author gioni

    (@gioni)

    Hi!

    Please note that you have to use an application password you set on the user’s profile page. Not the ordinary one.

    Secondly, ensure that using application passwords is not disabled on the User Policies / Global.

    Thread Starter ALPS I.T.

    (@alpaydogdu)

    Yes I am trying to use Application Password and not the ordinary one. Yes I have already tried all options in user policies. When disable Rest API is enabled it does not work using application password, even when administrator role is allowed.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Disabled REST API with Application Passwords?’ is closed to new replies.