con
(@conschneider)
Engineer
Hi @tekbird
Could you post the entire error message with the complete call your are sending?
Kind regards,
https://pasteboard.co/BGlr9ZrrRylD.png
-
This reply was modified 2 years, 6 months ago by
tekbird.
con
(@conschneider)
Engineer
Thanks.
Does not look to be a CORS problem on first glance, but you are sending your creds as Bearer. Are you using JSON Web Tokens?
If not, you need to send them as Basic Auth instead.
I am sending bearer tokens (mini orange token). the issue is only with customers API, I am able to successfully POST products.
con
(@conschneider)
Engineer
> I am sending bearer tokens (mini orange token). the issue is only with customers API, I am able to successfully POST products.
✅.
Could you try the same call using Basic Auth just to see if we can the same security violation? https://github.com/woocommerce/woocommerce/blob/trunk/docs/rest-api/getting-started.md#make-a-basic-request
In that case, I get the following error:
{“status”:”error”,”code”:401,”error”:”INVALID_AUTHORIZATION_HEADER_TOKEN_TYPE”,”error_description”:”Authorization header must be type of Bearer Token.”}
con
(@conschneider)
Engineer
Hi again,
That probably means that the mini orange token is enforcing bearer tokens. Which means we cannot establish a point of reference.
I reckon you should probably talk to miniorange support now: https://wordpress.org/plugins/miniorange-saml-20-single-sign-on/ – they can probably tell you where the Security Violated message is originating from.
Kind regards,
