Only “get” is allowed by REST-API in WordPress

Question

In my WordPress side, I installed REST-API plugin and successfully getting posts by:

mywp.org/wp-json/wp/v2/posts

However, only "get" is allowed, it return 401 if I do any other things like "post". I am using chrome app "Postman" and Basic Auth.

What I get:

  "code": "rest_cannot_create",
  "message": "Sorry, you are not allowed to create new posts.",
  "data": {
    "status": 401

Here is the header:

Access-Control-Allow-Credentials →true
Access-Control-Allow-Headers →Authorization
Access-Control-Allow-Methods →POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin →
Access-Control-Expose-Headers →X-WP-Total, X-WP-TotalPages
Allow →GET
Connection →Keep-Alive
Content-Length →111
Content-Type →application/json; charset=UTF-8

I found a question asked the same here but the answer didn't work for me.

I am new in rest-api and not sure what I should do.

Thankyou!

Answer 1

I found the answer myself. As I was so careless to miss the part "Install Basic Auth plugin in WP" in doc. After I install and enable it, I am able to "post" and "delete" posts right now.

Answer 2

If you are on a WordPress instance deployed from Bitnami and are getting errors like:

• " woocommerce_rest_cannot_create " (" Sorry, you are not allowed to create resources. ")
• " rest_cannot_create " ( "Sorry, you are not allowed to create posts as this user." )
• " rest_cannot_create_user " (" Sorry, you are not allowed to create new users ")

Here is what resolved the issue for me:

• Install Basic Auth , you can install it by cloning the repo into /opt/bitnami/apps/wordpress/htdocs/wp-content/plugins or you can also download the repo as a zip and install from a file from the plugins page in WP Admin.
• Edit the .htaccess file available in /opt/bitnami/apps/wordpress/htdocs
• Add a new line under RewriteEngine On and insert RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization}] save and exit
• Edit /opt/bitnami/apps/wordpress/conf/httpd-app.conf add a new line after RewriteEngine On
• In the new line insert: RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] save and exit
• Restart Apache: sudo /opt/bitnami/ctlscript.sh restart apache
• (OPTIONAL) Install Application Passwords By George Stephanis

For more details check: https://community.bitnami.com/t/setting-up-api-access-to-wordpress-on-aws-ec2-instance/60589/7

Answer 3

I was facing the same issue when working on WP APIs and the I was solved the issue by adding three lines in .htaccess file.

RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

You can follow the link for more details.

More details to add lines in .htaccess