Can’t use /wp-json/wp/v2/plugins API endpoint even as administrator

by

SUGGESTIONS

I suggest the following:

curl --user username:password https://example.com/wp-json

The first request should succeed regardless because it will likely be (unless you’ve done otherwise) unsecured.

Then try:

curl --user username:password https://example.com/wp-json/wp/v2/plugins

If this fails you may not have the means to issue basic authentication requests, so add it for the purpose of testing.

Install the following:

https://github.com/WP-API/Basic-Auth/blob/master/basic-auth.php

I’d simply recommend placing that file in your site wp-content/mu-plugins directory. If the directory does not exist, create it first.

Then repeat the curl request:

curl --user username:password https://example.com/wp-json/wp/v2/plugins

If you are authenticated correctly, you should receive back a response appropriate for that endpoint.

TESTS

  • I have tested this via first trying on an install 5.3.* and the route does not exist (as we should expect)
  • I have tested this on an install 5.5.* and the route does exist as expected but requires an authentication method (for testing I have used Basic Authentication) and you can read more about Authentication methods in general here: https://developer.wordpress.org/rest-api/using-the-rest-api/authentication/

NOTE (on authentication):

Depending on what you are trying to achieve you may benefit from more robust authentication like OAuth or Application Passwords (see https://wordpress.org/plugins/application-passwords/) but here the choice is ultimately yours, Basic Authentication may suffice, but be mindful of security considerations around storing plain text username and passwords for the given user making the request. You may want to create a specific use with just enough permissions/capabilities for this purpose if relying on Basic Authentication.

Useful reading:

Leave a Comment