0

I have been having difficulty trying to setup my Magento 2 store to work with a 3rd party shipping application that communicates with the Magento store via the REST API connection.

The system is able to get the admin token, but then cannot pull the orders from the system.

I have manually tried to get a token for both admin and customer users, which works, but I cannot use the token to then get any other data, which seems to confirm this is an authorization problem.

When I try to pull data for either, it gives a 401 unauthorized fail saying "Consumer is not authorized to access %resources"

Here is my admin token request:

POST /rest/V1/integration/admin/token HTTP/1.1
Authorization: Bearer rows3g6cturlsooeko3tyka8am5xmxsc
Content-Length: 53
Host: www.deep6gear.com
Content-Type: application/json
{
 "username":"admin_user",
 "password":"REMOVED"
}

I get a token response, for example: "po7eshsnocy9srxa3xe48dmg98v"

But when i then structure a GET request such as this:

GET /rest/V1/orders HTTP/1.1
Authorization: Bearer po7eshsnocy9srxa3xe48dmg98v
Host: www.deep6gear.com

I get the following response back:

{
"message": "Consumer is not authorized to access %resources",
"parameters":{
"resources": "Magento_Sales::sales"
},
"trace": "#0 /home/deepsix/public_html/app/code/Magestore/Webpos/Controller/Rest.php(30): Magento\\Webapi\\Controller\\Rest->checkPermissions()\n#1 /home/deepsix/public_html/vendor/magento/module-webapi/Controller/Rest.php(357): Magestore\\Webpos\\Controller\\Rest->checkPermissions()\n#2 /home/deepsix/public_html/app/code/Magestore/Webpos/Controller/Rest.php(91): Magento\\Webapi\\Controller\\Rest->validateRequest()\n#3 /home/deepsix/public_html/vendor/magento/module-webapi/Controller/Rest.php(239): Magestore\\Webpos\\Controller\\Rest->processApiRequest()\n#4 /home/deepsix/public_html/vendor/magento/framework/Interception/Interceptor.php(58): Magento\\Webapi\\Controller\\Rest->dispatch(Object(Magento\\Framework\\App\\Request\\Http))\n#5 /home/deepsix/public_html/vendor/magento/framework/Interception/Interceptor.php(138): Magestore\\Webpos\\Controller\\Rest\\Interceptor->___callParent('dispatch', Array)\n#6 /home/deepsix/public_html/vendor/magento/framework/Interception/Interceptor.php(153): Magestore\\Webpos\\Controller\\Rest\\Interceptor->Magento\\Framework\\Interception\\{closure}(Object(Magento\\Framework\\App\\Request\\Http))\n#7 /home/deepsix/public_html/generated/code/Magestore/Webpos/Controller/Rest/Interceptor.php(65): Magestore\\Webpos\\Controller\\Rest\\Interceptor->___callPlugins('dispatch', Array, Array)\n#8 /home/deepsix/public_html/vendor/magento/framework/App/Http.php(135): Magestore\\Webpos\\Controller\\Rest\\Interceptor->dispatch(Object(Magento\\Framework\\App\\Request\\Http))\n#9 /home/deepsix/public_html/generated/code/Magento/Framework/App/Http/Interceptor.php(24): Magento\\Framework\\App\\Http->launch()\n#10 /home/deepsix/public_html/vendor/magento/framework/App/Bootstrap.php(256): Magento\\Framework\\App\\Http\\Interceptor->launch()\n#11 /home/deepsix/public_html/index.php(39): Magento\\Framework\\App\\Bootstrap->run(Object(Magento\\Framework\\App\\Http\\Interceptor))\n#12 {main}"
}

Any help on this subject would be greatly appreciated, I have hit a wall here.

asked Mar 1, 2018 at 5:02
2
  • I ran into the same problem trying to use the rest api. Tried everything to make it work. Double checked all my files and permissions, upgraded to the latest version of M2 (2.2.6) and nothing worked. I saw your post, forwarded it to my server admin and they enabled PHP-FPM and everything started working perfectly. Commented Oct 10, 2018 at 16:57
  • If you have a new question, please ask it by clicking the Ask Question button. Include a link to this question if it helps provide context. - From Review Commented Oct 10, 2018 at 17:21

1 Answer 1

0

Finally worked out what the issue was. Apache was running the website in CGI mode, once I switched the server to run FastCGI, problem resolved.

I am guessing authentication is broken in CGI then? Either way, solution found.

answered Mar 9, 2018 at 7:10

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.