Accessing private posts through REST API, same code that works in remote doesn't in local
-
18-04-2021 - |
Question
I am capable of fetching private posts through the wp rest api by calling
mydomain/wp-json/wp/v2/posts?status=private&slug=whatever
I am authenticating well and receiving a valid token, no problems
But with the same site running with Laragon (windows 10), while running ok with the authentication, I cannot retrieve the private posts
http://testing.test/wp-json/wp/v2/posts?status=private&slug=whatever
{
"code": "rest_invalid_param",
"message": "Invalid parameter(s): status",
"data": {
"status": 400,
"params": {
"status": "Status is forbidden."
}
}
}
I'm getting the same response (as expected) when using Postman and having the Bearer token
header correctly configured
What's going on? I've run out of ideas
*I can retrieve public posts
Solution
The problem was that I didn't completely clone the wp site, and I forgot to install the plugin that I used to manage user roles
The plugin is Members ("User Role Editor by Members – Best User, Role and Capability Management Plugin for WordPress") by MemberPress, and there I can allow the roles that I want to have permissions to read private posts
Once that is done, the problem is gone