admin管理员组文章数量:1334184
Using Wordpress's plugin WP REST API version 1, there is an endpoint called /users/me which response with data for the currently logged-in user. When I requested /users/me I got 403 Request Forbidden error. But If I requested /users/1 (where 1 is the user ID) then everything works. So why am I getting 403 error for /users/me endpoints? I'm using Postman to send my request:
THIS WORKS (userID 1 is the currently logged-in user):
={myAccessToken}
DOESN'T WORK:
={myAccessToken}
However, when using WP REST API version 2, /users/me works but it only returns a subset of what version 1 would have returned. The data is incomplete by comparison (i.e. email, first name, last name ...etc)
={myAccessToken}
{
"avatar_urls": {
"24": ";d=mm&r=g",
"48": ";d=mm&r=g",
"96": ";d=mm&r=g"
},
"description": "",
"id": 1,
"link": "/",
"name": "admin",
"url": "",
"_links": {
"self": [
{
"href": ""
}
],
"collection": [
{
"href": ""
}
]
}
}
Using Wordpress's plugin WP REST API version 1, there is an endpoint called /users/me which response with data for the currently logged-in user. When I requested /users/me I got 403 Request Forbidden error. But If I requested /users/1 (where 1 is the user ID) then everything works. So why am I getting 403 error for /users/me endpoints? I'm using Postman to send my request:
THIS WORKS (userID 1 is the currently logged-in user):
http://example/wp-json/users/1?access_token={myAccessToken}
DOESN'T WORK:
http://example/wp-json/users/me?access_token={myAccessToken}
However, when using WP REST API version 2, /users/me works but it only returns a subset of what version 1 would have returned. The data is incomplete by comparison (i.e. email, first name, last name ...etc)
http://example/wp-json/wp/v2/users/me?access_token={myAccessToken}
{
"avatar_urls": {
"24": "http://2.gravatar/avatar/29b3ef85f13fedb43f84e6cb4a634e73?s=24&d=mm&r=g",
"48": "http://2.gravatar/avatar/29b3ef85f13fedb43f84e6cb4a634e73?s=48&d=mm&r=g",
"96": "http://2.gravatar/avatar/29b3ef85f13fedb43f84e6cb4a634e73?s=96&d=mm&r=g"
},
"description": "",
"id": 1,
"link": "http://example/author/admin/",
"name": "admin",
"url": "",
"_links": {
"self": [
{
"href": "http://example/wp-json/wp/v2/users/1"
}
],
"collection": [
{
"href": "http://example/wp-json/wp/v2/users"
}
]
}
}
1 Answer
Reset to default 1The subset of data you are seeing is the publicly available author data. ie. if a user has published content on the site, their name, gravatar and description is deemed public data and available to un-authenticated requests.
If you're seeing this user data you can assume the access_token is invalid.
本文标签: pluginsWordpress usersme endpoint request forbidden
版权声明:本文标题:plugins - Wordpress usersme endpoint request forbidden 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1742363828a2460886.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论