Is this plugin suppose to resctrict API access ?

Viewing 2 replies - 1 through 2 (of 2 total)

  • (I’m not a maintainer, just a user passing by.)

    This plugin’s job is not restrict but to authentify. What it does is allow REST requests to be run as a particular user. The GET request you’re testing runs fine (with or without the plugin) even without any authentication since it does not require any particular capability to be executed. Any anonymous user can browse your posts and that’s what a GET on /posts does in a way.

    If you try to POST or DELETE without an Authorization header you will get a different behaviour.

    Thread Starter dduvacher

    (@dduvacher)

    Ok thank you.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Is this plugin suppose to resctrict API access ?’ is closed to new replies.

Tags