Rest API code”:”rest_forbidden” error

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author Andrew Lima

    (@andrewza)

    Hi @kautukbhatnagar

    Thank you for reaching out to Paid Memberships Pro.

    This sounds like your user that you are trying to authenticate with does not have relevant permissions for that particular route.

    Does this happen for all Paid Memberships Pro routes you try to interact with or only specific ones?

    You may also filter and adjust the required capabilities for each route to your own needs by using the ‘pmpro_rest_api_route_capabilities’ filter outlined here – https://github.com/strangerstudios/paid-memberships-pro/blob/dev/includes/rest-api.php#L985-L1000

    I hope this helps clear things up.

    Thread Starter kautukbhatnagar

    (@kautukbhatnagar)

    this happen for all Paid Memberships Pro routes i am trying to interact with

    Plugin Author Andrew Lima

    (@andrewza)

    Thanks, this sounds like your account that you’re authenticating with doesn’t have the right permissions. I haven’t been able to replicate this issue on my test site.

    I did not install Application Passwords, as this is included in newer versions of WordPress. A great way to test these routes is to use Postman and use basic authentication with your username and application password to ensure this isn’t code related from your app.

    Thread Starter kautukbhatnagar

    (@kautukbhatnagar)

    @andrewza Can you please guide me

    I think I am missing something here, you might be able to locate it in minutes.
    I tried in postman and getting the same result actually… Even tried without Application Passwords

    Plugin Author Andrew Lima

    (@andrewza)

    @kautukbhatnagar I’m not too sure what’s going wrong with your REST API as it’s difficult to assume what’s interfering here.

    I recommend in testing this with an admin account when authenticating to ensure you have all the right capabilities as I mentioned earlier. By default you have to authenticate for Paid Memberships Pro routes as per the code I referenced and not using an application password or authenticating with the REST API would result in the error you are experiencing.

    The most common cause of the 401 issue, is that your authentication is either wrong or the authenticated account does not have capabilities outlined here – https://github.com/strangerstudios/paid-memberships-pro/blob/dev/includes/rest-api.php#L985-L1000 (Such as ‘pmpro_orders’ or ‘pmpro_edit_memberships’).

    Here is an image of my postman test to my local environment that’s working:

    https://i.postimg.cc/NMn8YfT7/Screen-Shot-2022-10-20-at-13-56-54.png

    If you need more detailed help, I recommend reaching out to a local WordPress developer or post to jobs.wordpress.net to get help from a developer to debug this site specific issue further.

    • This reply was modified 2 years, 5 months ago by Andrew Lima.

    I have the similar issue.
    For my admin user I created Application Password, then I created base64 from auth data:
    const token = Buffer.from(${process.env.WP_USERNAME}:${process.env.WP_APP_PASSWORD}).toString( 'base64');

    Set Basic Authorization:
    axios.defaults.headers.common['Authorization'] = Basic ${token};

    But any /pmpro/v1 route, I’m trying to trigger always returns me the error:

     data: {
      status: 'error',
      error: 'Restricted',
      error_description: 'Sorry, you are not allowed to access REST API.'
    }

    My user has all pmpro capabilities.

    • This reply was modified 2 years, 3 months ago by bohdanwlcm.
    • This reply was modified 2 years, 3 months ago by bohdanwlcm.
Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Rest API code”:”rest_forbidden” error’ is closed to new replies.

Tags