Forum Replies Created

Viewing 5 replies - 1 through 5 (of 5 total)
  • wesleycharlesblake


    Hi Roger!

    Glad you’ve got it sorted. So it def does seem like the front end and back end validation for the passwords are deviating somewhat. We’ve created an issue to look into this some more and make the errors a bit more forth coming.

    I also noticed that the README for the wordpress-plugin is referencing the legacy application.

    So you will need to get a token by logging into the web app on

    API tokens with TEST_ prefix will be for testnet. You will be able to toggle the live or mainnet network and create a production token from the new web app (above)

    And you will need to configure your plugin with the new production API URL:

    Let us know if you have any other issue!



    Thanks for all the info.

    So the auth is handled by the API, and is outside the realm of the WP plugin. The frontend ( handles the login through the API (

    Can you have a look at the OpenAPI definition on Swagger, in particular the login methods

    You can also create an account from Swagger.

    This may help you debug your implementation somewhat.

    Be sure that your operations are directed at the API (, and not the frontend app.

    In the mean time I will bring your research to the rest of the team and see what we can make of it 🙂



    hey @rogerwheatley

    So Im still unable to replicate your issue.

    I have tried to replicate using the following browsers:

    Linux, Chrome & Firefox
    Windows, Chrome
    iPad with Chrome
    iPhone wih Safari
    Android Chrome

    And I have not encountered any issues at all. The CORS headers also check out fine:

    curl -vX OPTIONS
    *   Trying
    * Connected to ( port 443 (#0)
    * found 148 certificates in /etc/ssl/certs/ca-certificates.crt
    * found 604 certificates in /etc/ssl/certs
    * ALPN, offering http/1.1
    * SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
    *      server certificate verification OK
    *      server certificate status verification SKIPPED
    *      common name: * (matched)
    *      server certificate expiration date OK
    *      server certificate activation date OK
    *      certificate public key: RSA
    *      certificate version: #3
    *      subject: CN=*
    *      start date: Tue, 09 Oct 2018 00:00:00 GMT
    *      expire date: Sat, 09 Nov 2019 12:00:00 GMT
    *      issuer: C=US,O=Amazon,OU=Server CA 1B,CN=Amazon
    *      compression: NULL
    * ALPN, server did not agree to a protocol
    > OPTIONS /accounts HTTP/1.1
    > Host:
    > User-Agent: curl/7.47.0
    > Accept: */*
    < HTTP/1.1 200 OK
    < Access-Control-Allow-Origin: *
    < Allow: POST
    < Content-Security-Policy: script-src 'self'
    < Content-Type: text/plain; charset=utf-8
    < Date: Wed, 02 Jan 2019 18:15:21 GMT
    < Referrer-Policy: same-origin
    < Strict-Transport-Security: max-age=15552000; includeSubDomains
    < Vary: Origin
    < X-Content-Security-Policy: script-src 'self'
    < X-Content-Type-Options: nosniff
    < X-DNS-Prefetch-Control: off
    < X-Download-Options: noopen
    < X-Frame-Options: DENY
    < X-WebKit-CSP: script-src 'self'
    < X-XSS-Protection: 1; mode=block
    < Content-Length: 0
    < Connection: keep-alive
    * Connection #0 to host left intact

    Access-Control-Allow-Origin: * is set, so you will be able to request the api endpoint.

    Are you perhaps running behind a proxy? such as Squid? which has heavy caching? This is the only thing I can think of.



    Mmmm. Ok…

    I’m still battling to reproduce your issue though. I’ve created new accounts, reset passwords and even posted works. It’s pretty weird !

    Can you please list the exact steps I can take to reproduce? That way I can try identify where the issue is and resolve it for you.



    Hi @rogerwheatley

    Are you using the new Uri since shipped to mainnet?

    You should be using

    I’ve just tested the sign up and received confirmation emails and successful login.

    The is being deprecated soon.

    Can you give th new endpoint a shot?

Viewing 5 replies - 1 through 5 (of 5 total)