5

I am trying to use the Magento 2 rest API, but even when just curl'ing from command line, the only response I get is Consumer is not authorized to access %resources

I managed to get a token with 

curl -X POST "http://magento.dev.blackorange.nl/index.php/rest/V1/integration/admin/token" \
-H "Content-Type:application/json" \
-d '{"username":"adminuser", "password":"adminpass"}'`

but when i try 

curl -X GET -H "Authorization: Bearer TOKEN" "http://magento.dev.blackorange.nl/rest/V1/products"

(or any other endpoint) I get the-the Consumer is not authorized to access %resources message

Am I missing a step somewhere?

devlin carnate
  • 8,309
  • 7
  • 48
  • 82
Werring
  • 362
  • 3
  • 14
  • Did you find a solution? If so, please accept an answer or post your own. – Esteban Mar 22 '18 at 01:52
  • 1
    Unfortunately no solution, we opted to not upgrading to magento 2 and staying with 1.9 – Werring Mar 22 '18 at 08:20
  • Thanks for your response. Seems to be a bug or obscure configuration problem. After getting this, I tried a fresh install of Magento 2.2 and the error was gone. – Esteban Mar 23 '18 at 17:48

4 Answers4

1

make sure you are using Magento2 admin username password not any API Username Password With proper roles are assigned to that user , if this does not work try changing the ROLE : ALL

to access GET /V1/products you need to pass searchCriteria parameter its required parameter.

1st you need to call admin/token API the token you get from here you need to pass in 2nd API

replace TOKEN with your token Key from 1st Call

curl -X GET -H "Authorization: Bearer ntfw****avefg***6mil***kysnl3***" "http://magento.dev.blackorange.nl/rest/V1/products"

for all REST API Reference : http://devdocs.magento.com/swagger/index.html#/

Emizen Tech
  • 3,529
  • 1
  • 17
  • 33
1

Try it with trimming the token value. It gets blank space which makes it incorrect.

Aman Srivastava
  • 151
  • 7
1

Try to get token of with POSTMAN : http://your-domin/rest/V1/integration/admin/token

With admin username password Example: http://your-domin/rest/V1/integration/admin/token

set Oauth:1.0 same as customer/token

set admin login detail

username : admin | password : admin123

And try again with admin token for unauthorized APIs.

Note : This is not good approach because for customer Application it is not secure for just hit API you can try it with admin/token with

Yuvraj Singh Shekhawat
  • 313
  • 2
  • 15
0

Try changing the PHP handler used by Apache on the Magento server. I changed from cgi to suphp and the requests started to work. Interestingly, as mentioned in Problem with Magento 2 REST authentication, POST requests would always work, but GET requests would fail. I have no idea why changing the handler solves the problem. Good luck.

lm713
  • 312
  • 5
  • 16