when I do
I get:
"code": "rest_user_cannot_view",
"message": "Sorry, you are not allowed to list users.",
"data": {
"status": 401
}
I am using Postman... please help
when I do http://dayroomstay/wp-json/wp/v2/users
I get:
"code": "rest_user_cannot_view",
"message": "Sorry, you are not allowed to list users.",
"data": {
"status": 401
}
I am using Postman... please help
Share Improve this question asked May 17, 2019 at 0:21 David DelatorreDavid Delatorre 331 gold badge1 silver badge3 bronze badges 3- How have you configured auth with Postman? That's an authenticated endpoint, I get the same result if I visit that endpoint ( I'm a logged out user so it's expected ) – Tom J Nowell ♦ Commented May 17, 2019 at 1:16
- Hi Tom, thank you, – David Delatorre Commented May 17, 2019 at 3:15
- could you direct me in the right directions as to how configure Auth with postman? I am new to it... – David Delatorre Commented May 17, 2019 at 3:17
1 Answer
Reset to default 5Read the docs: you need to add a Header named X-WP-Nonce to your requests to the API that require authentication, as you can see in the jQuery example.
However the catch is getting that nonce in the first place. WordPress inject that token itself in the post editing screens. Type wpApiSettings in the developer console and you can get the nonce. You will need to send your wordpress_logged_in cookie too, that can be retrieved from the request headers in the Network tab of your browser dev tools.
I'm sharing an example of how you put that headers in your Postman request:
However making it for an app that is not coupled to the WP backend itself can be cumbersome, that´s why there are other options, like Basic authentication that I´m not a big fan, and JWT authentication plugin. Both are linked in the documentation page that I linked.