Support » Plugin: WooCommerce » WooCommerce REST API Error 401

  • Resolved Ishtiyaq Husain

    (@ishtiyaqhu)


    PLEASE NOTE THAT MY CONSUMER KEY AND CONSUMER SECRET IS 100% CORRECT.

    Today I update my Woocommerce to latest version 3.6.1 and suddenly REST API stops working and giving me error 401.

    {
    “code”: “woocommerce_rest_cannot_view”,
    “message”: “Sorry, you cannot view this resource.”,
    “data”: {
    “status”: 401
    }
    }

    Before the update, everything was working fine. I have doubled check the keys and it is right. It’s the update which created the problem. I have my own version of the dashboard which uses the WP API, It was working fine before the update.

    Please Don’t give me this answer, as I already tried this:
    Hey there. 401 errors mean that you’ve got bad credentials and are using the wrong API keys: https://woocommerce.github.io/woocommerce-rest-api-docs/#errors

    PLEASE NOTE THAT MY CONSUMER KEY AND CONSUMER SECRET IS 100% CORRECT.

Viewing 15 replies - 1 through 15 (of 19 total)
  • Plugin Author Mike Jolley

    (@mikejolley)

    Some server environments struggle with auth because they do not support headers, and whist this can be fixed via htaccess, I’ve seen some other reports of those htaccess being removed by something after updates.

    Can you try posting to the API without headers, instead using querystring? /api/endpoint/?consumer_key=X&consumer_secret=X

    The same problem with the suggested solution. if this is an “htaccess” problem, then why it was working fine before the update?

    Plugin Author Mike Jolley

    (@mikejolley)

    > I’ve seen some other reports of those htaccess being removed by something after updates.

    ^ because.

    e.g. some users fixed this with:

    
    # BEGIN WordPress
        <IfModule mod_rewrite.c>
        RewriteEngine On
        RewriteBase /
        RewriteRule ^index\.php$ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteCond %{REQUEST_FILENAME} !-d
        RewriteRule . /index.php [L]
        </IfModule>
        # END WordPress
    

    Show me the request you’re making with the query string auth (X out your keys).

    This is how I am trying to access, I am getting the same error from POSTMAN as well. I made changes in .htaccess file as per your suggestion, still getting the same error.

    $woocommerce = new Client(
    https://example.com/&#8217;,
    ‘ck_1XXXXXXXXXXXXXXXXXfda’,
    ‘cs_6XXXXXXXXXXXXXXXXX8a8’,
    [
    ‘wp_api’ => true,
    ‘version’ => ‘wc/v3’,
    ‘query_string_auth’ => true,
    ]
    );

    print_r($woocommerce->get(‘orders/123456’));

    Plugin Author Mike Jolley

    (@mikejolley)

    Please try without the client code and instead put the full API url with query string keys into browser address bar and see if you get the same error. This is to rule out the client. I’m having no issues with API and auth locally using Insomnia client or direct via browser.

    I am using NGINX web server, Is there any specific setting with NGINX?

    Plugin Author Mike Jolley

    (@mikejolley)

    .htaccess does for work on nginx afaik :p thats for apache.

    Did you try what I said? The query string will avoid the headers that cause issues like this.

    Tried with the postman, PHP code and browser address bar (query string). I am getting the same error for all the mentioned methods. Above methods are working fine on older Woocommerce version on the same server (I have 2 Woocommerce sites running on the same server). This is the first time I am getting this kind of error after the update.

    Should I downgrade the Woocommerce? What about the new database, will it work with the older Woocommerce version?

    Plugin Author Mike Jolley

    (@mikejolley)

    Probably better to find a solution… can you contact the help desk so someone can get access and test this on your environment?

    How to contact the help desk?

    Plugin Author Mike Jolley

    (@mikejolley)

    https://woocommerce.com/contact-us/ or you can ping me via https://github.com/mikejolley

    I cannot see any code changes that would impact auth yet..

    Thank you @mikejolley for your help.

    Woocommerce version 3.6.0 and 3.6.1 has same content for “is_request_to_rest_api()” function. My system was working fine with 3.6.0 but it stops working with 3.6.1

    This is how I solved my problem, I de-activated all the plugins. First I activated Woocommerce and test the WP REST API request and it worked. Then I started activating rest of the plugins to check if a plugin is creating the problem. Finally, I activated all of the plugins and none of them created the problem. I don’t know what happened, why it was not working earlier. I am happy it’s working now.

    Thank you @mikejolley once again for your help.
    🙂

    Hi,

    I have a similar problem, this is the first time i set up the API, through Postman i cannot login with API keys, but doing it directly in URL: ‘/api/endpoint/?consumer_key=X&consumer_secret=X’
    This does work for me!
    What does this mean, and what can i do about it?
    Running on Apache btw. I tried adding in htaccess:

    RewriteRule ^index\.php$ – [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
    &
    SetEnvIf Authorization “(.*)” HTTP_AUTHORIZATION=$1

    but no luck so far

    Thanks!

    • This reply was modified 6 months, 4 weeks ago by smurf9852. Reason: more info

    I run into the same issue after I had changed the server. I got a 401 response with the v3 API.

    After changing the .htaccess like Mike proposed the problem was solved.

    Only line changed:

    RewriteRule ^index\.php$ – [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]

    Ben

    (@bencalder)

    I had this issue around the same time as a few other people.

    After a bit of a process of elimination and disabling all of my plugins as above I found that 2 discount plugins (1 being Dynamic Discounts and the other being Varteck pricing both break the REST API after the WooCommerce update around the middle of April.

    I have left them both disabled for the moment and everything is working ok.

Viewing 15 replies - 1 through 15 (of 19 total)
  • You must be logged in to reply to this topic.