403 error when try to create PO by api

  • Resolved richardferlow

    (@richardferlow)


    3 years, 10 months ago

    Im trying to create Purchase Order by Atum API

    Here rest api request (im using phpstorm for this)

    POST https://***/wp-json/wc/v3/atum/purchase-orders/
Authorization: Basic ck_*** cs_***
Content-Type: application/json

{
  "date_expected": "2022-11-11T11:26:41",
  "description": "Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Vestibulum tortor quam, feugiat vitae, ultricies eget, tempor sit amet, ante. Donec eu libero sit amet quam egestas semper. Aenean ultricies mi vitae est. Mauris placerat eleifend leo.",
  "status": "atum_ordered",
  "line_items": [
    {
      "product_id": 93,
      "quantity": 2
    },
    {
      "product_id": 22,
      "variation_id": 23,
      "quantity": 1
    }
  ]
}

    But i always get a 403 error

    {
  "code": "woocommerce_rest_cannot_create",
  "message": "Lo siento, no tienes permiso para crear recursos.",
  "data": {
    "status": 403
  }
}

    Why?

    GET https://***/wp-json/wc/v3/atum/purchase-orders
Authorization: Basic ck_*** cs_***

    GET Request return – Answer – 200 [ok] but response is empty, but i have a lot of atum PO’s here (312 orders)

    Where did I make a mistake and what am I doing wrong?

    With the same cs_ ck_ authorization data main requests to Woocommerce like – show order list – works as expected.

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Author Salva Machi

    (@salvamb)

    3 years, 10 months ago

    Hi @richardferlow

    At first sight, this error seems related to the permissions has the user linked to the API keys you are using or the API keys not being received correctly.
    When you created those keys, did you select an admin user from the list?
    And did you select the Read/Write option on the permissions select box?

    Also, might you try to send the keys as params (instead of the Authorization header) as suggested in the documentation, please?

    https://stockmanagementlabs.github.io/atum-rest-api-docs/#authentication-over-https

    I hope this helps.

    Best Regards,
    Salva.

    Thread Starter richardferlow

    (@richardferlow)

    3 years, 10 months ago

    I tries this in postman

    https://***/wp-json/wc/v3/orders?consumer_key=***&consumer_secret=***

    – works as expected and show me my orders

    but

    https://***/wp-json/wc/v3/atum/purchase-orders?consumer_key=***&consumer_secret=***

    return empty answer

    Thread Starter richardferlow

    (@richardferlow)

    3 years, 10 months ago

    I try to disable ATUM API in Atum Settings – Modules and
    https://***/wp-json/wc/v3/atum/purchase-orders?consumer_key=***&consumer_secret=*** show ->

    {
    "code": "rest_no_route",
    "message": "No se ha encontrado ninguna ruta que coincida con la URL y el método de la solicitud.",
    "data": {
        "status": 404
    }
}

    wp-json/wc/v3/atum/inventory-logs – also return empty answer

    Thus, I assume that the ATUM API does not function. Is it functional, can it be used?

    • This reply was modified 3 years, 10 months ago by richardferlow.
    Plugin Author Salva Machi

    (@salvamb)

    3 years, 10 months ago

    Hi @richardferlow

    If you disable the ATUM API, all the endpoints added by ATUM will be unusable, indeed (including those 2 you have tried: /atum/purchase-orders and /atum/inventory-logs). So it’s normal that you receive the error saying that the path wasn’t found in this case.

    I can confirm that the ATUM API works and is being used by many users and it is also being used by our mobile App (actually in beta). Also, I have all the endpoints configured on my Postman and are working as expected (I’ve tested it before posting my last message).

    But what you’ve said that is returning you the WC orders but not the purchase orders when using the same keys in Postman, is very weird. Perhaps this could happen if the user you selected to generate the keys is not an administrator and have any other role like “Shop manager”. Please, do read this article for more info: https://stockmanagementlabs.crunch.help/tips-and-tricks/how-to-give-atum-permissions-to-the-shop-manager-with-user-role-editor
    Or if you have the Purchase Orders module disabled in ATUM Settings.

    Best Regards,
    Salva.

    Thread Starter richardferlow

    (@richardferlow)

    3 years, 10 months ago

    I made the keys for the user – administrator.

    Now I created new keys for the user with shop-manager rights. at first the request returned me that I do not have enough rights. for this user I made the rights as described in the instructions on the link you sent. after that the error disappeared, but GET requests are coming back empty again.

    What to do? =(

    Purchase Orders enabled

    • This reply was modified 3 years, 10 months ago by richardferlow.
    Plugin Author Salva Machi

    (@salvamb)

    3 years, 10 months ago

    If it was an administrator, it should be enough for retrieving info for any ATUM API endpoint. There is no need to create keys for a shop manager in this case.

    But it’s very weird…
    In order to investigate this, we would need to access your site and check your configuration. Might you open a private ticket and we can continue with this discussion privately, please?

    Best Regards,
    Salva.

    Thread Starter richardferlow

    (@richardferlow)

    3 years, 10 months ago

    The problem was a conflict with the Advanced Bulk Editor 5.1 plugin. How to solve this I do not know yet.

Viewing 7 replies - 1 through 7 (of 7 total)

The topic ‘403 error when try to create PO by api’ is closed to new replies.