How get the token ?

@reivax35

Sorry for the troubles you are having. I have ran some test locally, and I am able to run the request fine.

Can you provide the plugin version, WP version, PHP Version, Server OS (Windows/Linux)?

Update: I tested POSTMAN and everything checked out (We actually use POSTMAN to unit test before release) from what I can tell. I will wait for you response to see where we can turn to next to get your project up and running ??

Hi,

I am having the same issue a POST to WP OAUTH SERVER returning:
{
“error”: “invalid_request”,
“error_description”: “The request method must be POST when requesting an access token”,
“error_uri”: “https://tools.ietf.org/html/rfc6749#section-3.2”
}
when I am sending a POST in Postman.

I modified my .htaccess to be the same as the bottom of: https://wp-oauth.com/2016/01/cors-preflight-requests-issues/

I am using version 3.1.x of the plugin (will update to 3.2),
In Postman I am passing the client ID and secret in Authorization, with a grant_type of authorization_code in the body.

I am running wordpress on localhost. I can use WP REST with basic authentication and with Oauth1.0a – except for OPTIONS and filters.

Any idea?

What is the link that you are targeting for your server? Please omit your server url and give everything after your domain.

I am suspecting that if you are using permalinks and you are now appending the trailing slash, WP will do a redirect and this might be where the system is not seeing no POST request.

Let me know.
Thanks

I am using permalink for WP REST and a local implementation: https://localhost:8080/wordpress?oauth=token

Could this be the issue? What should I try?
Thanks

No, I think you have it setup right. There has to be something small. What if your WP and PHP version. For giggles, what happens if you tries to authorize with all other plugins disabled?

I am up-to-date running WP 4.5.2.

I tried todd-activate all plugins but it did not help. Could it be linked to an issue with the header?

Thanks

I would not think it would be the header but I would not rule it out.
If there a .htaccess access file? If so, try removing everything in it and see what happens. Also, are you using windows or mac (just for reference)?

Hi,

There is a clickable link right under the send button labeled “Generate Code” in POSTMAN. Could you click on that and let me know what it shows?

Hi

I tried deleting everything from the .htaccess file but it did not help: Still having the same issue.

I also tried the password grant type (I purchase a full license), using a real username and password, but got exactly the same error . This is the log from postman

POST /wordpress?oauth=token HTTP/1.1
Host: localhost:8080
Authorization: Basic dkVpQ0t4VVZCVGtMUTFkV0JSRWR0VDU2QmV5UkwyOjg2ZW1qWlpIWVJDbkF4THRjRjJiZWZJQzh5a3d4MA==
Cache-Control: no-cache
Postman-Token: fc833b5b-dfe2-1530-3283-0e609bc4ae16
Content-Type: application/x-www-form-urlencoded

grant_type=password&username=xxxxxx&password=xxxxx

Any thoughts?

Thanks

Ok. There is a couple things that stick out. I am going to try to create an instance and see if I can replicate the issue.

Here is some information that I gathered so far.

– You are using User Credentials
– You are using a port call in the URL of :8080
– You are running WordPress in a sub directory
– You are using the latest WordPress package

I am going to create an instance of this and see if I can give you some answers. Thank you for your patience in the matter.

Justin

Hi @nickbuc,

I was able to replicate the issue and I also was able to come up with a solution. Since you are running in a sub directory, WordPress needs to use the trailing slash (/) to operate. By omitting the trailing slash, WordPress is performing a redirect to the slash. At this point the POST is lost and the server presents the POST error.

Solution is simply to use a trailing slash in your host like the following:

localhost:8080/wordpress/?oauth=token

Please try this and let me know if that works for you.

Thanks

Hi Justin,

Thanks again for the support.
I did try again with the “/” after the sub-directory, but got another error:

{
  "error": "invalid_client",
  "error_description": "No client id supplied"
}

I sent:

POST /wordpress/?oauth=authorize HTTP/1.1
Host: localhost:8080
Authorization: Basic dkVpQ0t4VVZCVGtMUTFkV0JSRWR0VDU2QmV5UkwyOjg2ZW1qWlpIWVJDbkF4THRjRjJiZWZJQzh5a3d4MA==
Cache-Control: no-cache
Postman-Token: 45ee3728-60ae-c945-7e0a-f0eddae9b8af
Content-Type: application/x-www-form-urlencoded

grant_type=password&username=xxxxxxxxx&password=xxxxxxx

I need to redo a clean installation of wordpress and start from scratch.

Thanks.

Try providing the client_id and client_secret in the body as well. Is certain setups, this is required because of limitation in basic authorization.

Hi Justin,

It works well now. I still use basic auth for the client_id and client_secret.
I added a param ‘content_type’ of ‘application/json’ in the header which seems to have make the difference.

Thanks a lot again for your great support!