Hi
I am unable to access /wp-json/wplms/v1/user endpoint. Even though I am using a JWT based authentication system, still I continue to get the error:
{
"code": "rest_forbidden",
"message": "Sorry, you are not allowed to do that.",
"data": {
"status": 401
}
}
Isn't this obvious. That the API that you are trying to access is undefined.
1. WPLMS version 4 API has name space : wplms/v2
2.To enable WPLMS version3 API, you need to enable the API from WP admin - LMS - Settings- API. https://prnt.sc/vv8o84
I am not sure if you are checking any documentation. Because this is very very clearly defined in the documentation.
version 3 : https://vibethemes.github.io/wplms-docs/
version 4 : https://docs.wplms.io
The links to doc is included in the theme package that you download from themeforest.
The most unfortunate thing is that you have rated us as 1 star on this simple issue which you could have asked. Without purchase code there is no confirmation that you have purchased the product.
What is worse is that you posted the review first and then posted the topic on an issue which you failed to locate.
Secondly , you state "I had purchased the product about 3 years back. I could not locate my purchase code and thus the author refused to provide any support."
https://prnt.sc/vv8um7
Can you share any email or proof about your claim where you contacted us and where we refused to provide support ?
Unfortunately, this is an extremely poor start of a customer support experience for us, so I would sincerely request you to post a refund request or we can request envato to refund the purchase amount.
1. As I mentioned, I re-purchased the product because I am looking for support. I have already been using wplms for 3-4 years. I have forwarded the entire correspondence that I have had over email with you. In my opinion, you are not helping anyone's case by asking me to request for a refund.
2. I am using version 3.9.5 and not version 4. I purchased version 4 because again, I wanted support from your end. And based on the documentation that I have read (I think I read parts of it), the namespace in 3.9.5 is wplms/v1 and not wplms/v2.
https://documenter.getpostman.com/view/3430105/S1TYTvP9?version=latest#303140d0-bef4-495e-b63c-8d8111c752bd
https://vibethemes.github.io/wplms-docs/developer-guide.html
3. I will be really really grateful if you could just help me get the /user endpoint to work. I continue to get the same error that I posted above. I already have wplms API enabled in wp-admin. And it has been over 4 days since I first sent an email to you about this.
4. I sent you an email posting the same question on the 30th of November. I waited for 3 days to get a response before posting anything. And this is after having a previous experience with your team where so many of my mails were left unanswered. If you are not interested in replying to emails then it needs to very clearly stated on your envato page. Furthermore, 3 days is in itself a pretty long time to reply to such a simply problem (as you state it).
5. I am not going to take back my review unless I get better service than what I have been experiencing. I am already using wplms and a lot of my business runs on it. And I am being forced to spend so much time and effort getting it to do basic stuff because so many of my mails to you simply go unanswered.
6. I am even willing to pay more if there is an option to have a more dedicated support.
Ok you said you are using the JWT token , is it your custom token of the token which is returned on login call of the wplms own api :https://documenter.getpostman.com/view/3430105/S1TYTvP9?version=latest#599914ae-07e2-4507-a92e-556bf2263536
When you login you get the token back and using this token you can make requested which are user related .
Please confirm if you are using the token which is generated by wplms .
Same token lists can be found in wp-admin -> lms ->. api -> connected clients .
I am using this plugin (https://wordpress.org/plugins/jwt-auth/) for JWT token generation.
Even if I disable the plugin, I continue to get the same error even on /register and /login endpoints. So I am not even able to validate the wplms built-in auth function.
I have registration enabled in the wplms settings, as well as the API.
This is not supported by wplms as wplms has its own auth server and follows it only /
Hey Alex. As I mentioned, even if I turn off the JWT plugin, I am not even able to access the /login endpoints. I am getting the same error.
How do I use your in-built auth service?
Well its because the token is wrong .Or the token was not getting there to the api call to verufy .
this happens on apache and nginx servers.
To prevent this please
if your server is apache then :
add this line at then end of your .htaccess file :
SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
if above does not works then use :
SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$1
if nginx :
https://wplms.io/forums/topic/httaccess-code-on-nginx/
Also note that you need to post either the register params as shown in api docs or login credentials(username or password) to get the token and then use the token in headers Authorization param .
Hey Alex. Inspite of the changes that you mentioned, I am still not able to make it work. When I look at the Rest API logs in wordpress, I don't see any auth headers getting stripped. So I am not completely sure where the issue is or how do I debug it.
I would also be absolutely okay if there is some method to completely disable the wplms auth system.
Can you tell me exactly what is meant by client id and client state?
Ok,
we will check this , please share your site url and valid ftp credentials in order to debug this futher .
Please also ell if your server is apache or nginx
This reply has been marked as private.
My system is currently configured on the cloudways stack. Nginx is being used a reverse proxy while apache is being used as the web server. I tried making changes to the htaccess file but that did not work for me. I don't have direct access to the nginx configuration at the moment.
However, is there a way in which we can narrow down on whether there is an issue with the wplms application or it is an issue with the stack?
I see the HTTP Auth header when I look at the Rest API logs in the wordpress admin panel. So I am not quite sure if there is an issue with the deployment stack. Can you suggest an experiment that helps narrow down on the problem area?
Well the issue is actually with the server .
We read the Headers sent in the api call to read out the token and almost all server stip this from headers before php reads or strips it at the source to ensure safety of server .
The methods provided above asks server to let pass this parameter(Authorization) .
We need to check if there is another issue with it by debugging and priting the token before api call.
please share your site url and valid ftp credentials in order to debug this futher .
.
