REST API GET users

admin管理员组

文章数量:1426855

when I do

I get:

 "code": "rest_user_cannot_view",
    "message": "Sorry, you are not allowed to list users.",
    "data": {
        "status": 401
    }

I am using Postman... please help

when I do http://dayroomstay/wp-json/wp/v2/users

I get:

 "code": "rest_user_cannot_view",
    "message": "Sorry, you are not allowed to list users.",
    "data": {
        "status": 401
    }

I am using Postman... please help

• rest-api
• users

Share Improve this question asked May 17, 2019 at 0:21 David DelatorreDavid Delatorre 3311 gold badge11 silver badge33 bronze badges 3

• How have you configured auth with Postman? That's an authenticated endpoint, I get the same result if I visit that endpoint ( I'm a logged out user so it's expected ) – Tom J Nowell ♦ Commented May 17, 2019 at 1:16
• Hi Tom, thank you, – David Delatorre Commented May 17, 2019 at 3:15
• could you direct me in the right directions as to how configure Auth with postman? I am new to it... – David Delatorre Commented May 17, 2019 at 3:17

Add a comment  | 

1 Answer 1

Sorted by: Reset to default 5

Read the docs: you need to add a Header named X-WP-Nonce to your requests to the API that require authentication, as you can see in the jQuery example.

However the catch is getting that nonce in the first place. WordPress inject that token itself in the post editing screens. Type wpApiSettings in the developer console and you can get the nonce. You will need to send your wordpress_logged_in cookie too, that can be retrieved from the request headers in the Network tab of your browser dev tools.

I'm sharing an example of how you put that headers in your Postman request:

However making it for an app that is not coupled to the WP backend itself can be cumbersome, that´s why there are other options, like Basic authentication that I´m not a big fan, and JWT authentication plugin. Both are linked in the documentation page that I linked.

本文标签： REST API GET users