Forum Replies Created

Viewing 1 replies (of 1 total)
  • Thread Starter srothweiler

    (@srothweiler)

    Hello,

    I did some further testing and found the following:

    • The WooCommerce mobile app connects successfully when Force Login is disabled.
    • The connection fails immediately when Force Login is enabled.
    • /wp-json/ is accessible and returns valid JSON.
    • The REST API output contains the authentication.application-passwords.endpoints.authorization entry and correctly points to /wp-admin/authorize-application.php.
    • authorize-application.php works correctly in the browser when logged in as an administrator.
    • XML-RPC is working.
    • HTTPS is working.
    • I also tested bypassing the rest_authentication_errors restriction, but the WooCommerce app still could not connect.

    Based on these tests, it appears that the issue is not simply that the REST API is blocked. It seems that Force Login is intercepting or redirecting an authentication request used by the WooCommerce mobile app during the application password authorization process.

    Could you please advise which additional endpoint(s) or request(s) used by the WooCommerce mobile app need to be excluded via v_forcelogin_bypass?

Viewing 1 replies (of 1 total)