Root visibility and specific permissions

  • Resolved brasofilo

    (@brasofilo)


    2 years, 11 months ago

    Just an observation to newbies of this plugin such as myself, the root visibility has nothing to do with authorized endpoints.

    Meaning: if we only select “Rest API Root” for a user role, the user will be able to see all endpoints but cannot use any of them.

    On the other hand, if we check everything but “Rest API Root”, the user will have access to everything but won’t be able to see the list of all endpoints in /wp-json/

    • This topic was modified 2 years, 11 months ago by brasofilo.
    • This topic was modified 2 years, 11 months ago by brasofilo.
Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Dave McHale

    (@dmchale)

    Hi @brasofilo

    Sorry for the confusion. That option is not a universal/global setting, but access to the / endpoint itself. If you only select “Rest API Root”, you can ONLY see that endpoint. If you select everything else BUT that, you cannot access / directly but yes, can access all of the specific endpoints that you whitelisted.

    If you have a suggestion on how to make that more clear to a new user of the plugin, I’m happy to consider some ideas ?? Thanks for using the plugin!

    Plugin Author Dave McHale

    (@dmchale)

    since I haven’t heard back I’m going to mark this ticket as resolved, but if you have any other questions/suggestions please feel free to make a new one. thanks!

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Root visibility and specific permissions’ is closed to new replies.

Tags