• Resolved rudolfl

    (@rudolfl)


    Hi all,

    I am tearing my hair out here!
    Trying to get order info and getting 401:

    {
    “code”: “woocommerce_rest_cannot_view”,
    “message”: “Sorry, you cannot view this resource.”,
    “data”: {
    “status”: 401
    }
    }

    I got it down to the fact authorization does not succeed (user is not logged in).
    Here is what I did:
    Legacy API enabled
    Keys are generated and re-generated for admin user and another user with Shop Manager permission

    I created test setup on same server with relatively “virgin” WooCommerce setup. I can use API with no problem.

    I use Postman to simulate API calls and calls to working and non-working setups are same (except keys of course). So, it is not a server setup, but rather something on my site. Authorisation is Oath 1.0

    When user is logged in as admin, I can use APIs via same browser and all works, so problem is definitely with authentication.

    Caching plugins are disabled.

    I tried to add to .htaccess:
    RewriteRule ^index\.php$ – [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]

    The difference I see between working and non-working calls are in returned headers:
    Non-working: Cache-Control →no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    Working: Cache-Control →no-cache, must-revalidate, max-age=0

    Working also get two extra header tags:
    Allow →GET, POST, PUT, PATCH, DELETE
    Content-Encoding →gzip

    Where exactly authentication is happening? I can put some debug code in to see what exactly happens. I tried to sprinkle some debug in class-wc-rest-authentication.php, but looks like none of the authorisation functions get called. in fact authenticate() is not being called, so seems WP doe snot even try to authorise user!

    Any help will be greatly appreciated,
    Thank you,
    Rudolf

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter rudolfl

    (@rudolfl)

    I installed plugin “Application Password” (found suggestion on the web) and this fixed my REST API issue, but I have no idea how!

    Would love for someone to explain what is happening!

    Thanks,
    Rudolf

    Plugin Support John Coy a11n

    (@johndcoy)

    Automattic Happiness Engineer

    Hi @rudolfl

    The issue was likely with your code, server cache, or another thing like a code conflict with a plugin or the active theme. Did you try switching back to a default theme like Twenty Nineteen and disabling all plugins except for WooCommerce to see if this resolves the issue?

    Here is the API docs to confirm the API call was correct:

    https://woocommerce.github.io/woocommerce-rest-api-docs/#retrieve-an-order

    Plugin Support Mike M. a11n

    (@mikedmoore)

    Automattic Happiness Engineer

    Hi there,

    We haven’t heard back from you in a while, so I’m going to mark this as resolved – if you have any further questions, you can start a new thread.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘REST API — 401 unauthorised’ is closed to new replies.