WordPress.org

Forums

WP REST API (WP API)
[resolved] Cookie Authentiction with Angularjs (3 posts)

  1. nidalhajaj
    Member
    Posted 9 months ago #

    I am trying to allow logged in users to read private post through the api issuing the simple api call /wp-json/posts/1 (which is a private post).

    However even when I am logged in with admin rights I still get a 401 unauthorised error.

    The documentation states that "WP API includes a technique called nonces to avoid CSRF issues. This prevents other sites from forcing you to perform actions without explicitly intending to do so. This requires slightly special handling for the API. For developers using the built-in Javascript API, this is handled automatically for you."

    Is what I am trying to do possible with this authentication?

    https://wordpress.org/plugins/json-rest-api/

  2. Ryan McCue
    Member
    Plugin Author

    Posted 9 months ago #

    You'll need to either send the X-WP-Nonce header, or the _wp_json_nonce query parameter with your request. You'll need to generate this on the server with wp_create_nonce( 'wp_json' ), which you can then output on to the page for your script using wp_localize_script.

    (This assumes you're accessing the data from the site's frontend, not from an external site.)

  3. nidalhajaj
    Member
    Posted 5 months ago #

    Thanks for the help Ryan

    As of wordpress 4 I've noticed that you can only use the X-WP-Nonce header, the _wp_json_nonce query parameter seems to have been disabled.

Reply

You must log in to post.

About this Plugin

About this Topic