Selectively allowing API endpoints

(@ainstushar)

Hello, it seems that AAM is not allowing me to selectively allow/deny specific API endpoints.

This is what my policy looks like for the user:

{
    "Version": "1.0.0",
    "Dependency": {
        "wordpress": ">=5.5.3",
        "advanced-access-manager": ">=6.7.1"
    },
    "Statement": [
        {
            "Effect": "allow",
            "Resource": [
                "Route:restful:\/gg\/v1:get",
                "Route:restful:\/gg\/v1\/user:post",
                "Route:restful:\/gg\/v1\/glucose:get",
                "Route:restful:\/gg\/v1\/glucose\/check:post",
                "Route:restful:\/gg\/v1\/glucose\/get:post"
            ]
        }
    ],
    "Param": []
}

Yet when I try to make a post request to gg/v1/user, it tells me rest_access_denied. How can that be?

I am using the appropriate user credentials to get JWT and using that in the auth header.

Thanks.

Viewing 1 replies (of 1 total)

Thread Starter ainstushar
(@ainstushar)

5 years, 3 months ago

Hello,

Is there any update on this? Does AAM allow us to deny access to select API endpoints? Is this a paid functionality or part of the free plugin?

Thank you.

Viewing 1 replies (of 1 total)

The topic ‘Selectively allowing API endpoints’ is closed to new replies.