permission_callback has no effect

Are you sure that a _doing_it_wrong notice isn’t being issued? You won’t see the notice visibly output on the page because that would break the JSON response. But if you look in the headers of the response you should see a X-WP-DoingItWrong header.

It should also appear if you use a plugin like this to record developer notices: https://wordpress.org/plugins/log-deprecated-notices/

Related Posts:

  1. Accessing an auth protected custom WP API enpoint from remote origin
  2. WP REST API: check if user is logged in
  3. Can’t GET draft posts via REST API from headless frontend
  4. Full page NGINX (or Cloudflare) caching and WordPress nonces
  5. WordPress REST API, Expired Nonce from Cache results in 403 forbidden
  6. Passing a borrowed nonce through Postman fails
  7. WP REST API – Nonce passes wp_verify_nonce even after logout
  8. Filter DELETE REST API calls
  9. Rest API: wp_verify_nonce() fails despite receiving correct nonce value
  10. Backbone with custom rest endpoints
  11. Log in user using WordPress REST API
  12. wp_nonce vs jwt
  13. Register rest field authentication with REST API
  14. Rest API nonce is being cached
  15. Nonce validation in REST API
  16. Is the WordPress REST API installed and enabled in a vanilla WordPress 4.7 installation?
  17. Does something like is_rest() exist
  18. How to: Make JWT-authenticated requests to the WordPress API
  19. With Rest V2 (WP4.7) how does one restrict certain RESTFUL verbs?
  20. REST API purpose?
  21. Get post count in wp rest API v2 and get all categories
  22. WP REST API — How to change HTTP Response status code?
  23. wp_get_current_user() function not working in Rest API callback function
  24. How to use WP-REST API to login user and get user data for Android app?
  25. Nonce retrieved from the REST API is invalid and different from nonce generated in wp_localize_script
  26. WP REST API Is it rather easy to rename the default wp-json uri part?
  27. Search WP API using the post title
  28. check the requesting url
  29. How would I add custom tables/endpoints to the WP REST API?
  30. WP REST API Require Password for GET Endpoint
  31. Displaying a page built with Elementor using the REST API [closed]
  32. Getting user meta data from WP REST API
  33. Understanding SHORTINIT with WordPress 5
  34. How to use _embed when using _fields?
  35. WordPress REST API – Permission Callbacks
  36. WP REST API V2 – Retrieve sub page by full slug (URL/Path)
  37. WP REST API create post authentication issue
  38. How do I create a user using the new JSON api in 4.7?
  39. Verify nonce in REST API?
  40. Why is my custom API endpoint not working?
  41. WordPress REST API validation
  42. Are there server performance benefits to fetching only specific fields when querying the REST API?
  43. How to define a query parameter with REST API?
  44. Filter posts by multiple custom taxonomy terms using AND operator in REST API v2 (WordPress)
  45. WP REST API returns blank response if post is too long
  46. How do I correctly setup an AJAX nonce for WordPress REST API?
  47. Increase per_page limit in REST API
  48. WordPress Rest API: How do we validate with our custom API key?
  49. Does pre_get_posts affect REST API responses?
  50. How to feed a HTML5’s EventSource with a REST API custom endpoint?
  51. Adding WordPress API Endpoint With Multiple Parameters
  52. WordPress REST API call generates nonce twice on every call
  53. Retrieve CSS and JS From the REST API
  54. Using the REST API (v2) javascript client on a private namespaced route
  55. How to Authenticate WP REST API with JWT Authentication using Fetch API
  56. authentication issue with rest api – rest_cannot_create
  57. WP REST API core major changes
  58. WordPress 4.7 REST API endpoints
  59. How to get all posts from parent and children categories?
  60. wordpress wp-json prefix issue
  61. Hiding API routes list
  62. Get blog title with REST v2
  63. Is it possible to nest the JSON result of WordPress REST API?
  64. Match REST API post output from custom endpoint
  65. Reduce nonce lifespan
  66. How to use the WP REST API for new user registration (sign up form)?
  67. Can I authenticate with both WooCommerce consumer key and JWT?
  68. Headless WordPress: How to authenticate front end requests?
  69. REST API multiple media upload
  70. Filter post_content before loading in Gutenberg editor
  71. Attach featured image to custom endpoints
  72. Can’t send emails through REST API
  73. 401 Error when trying to make a REST API call to site
  74. WordPress: How to create custom REST API route?
  75. Create post using rest api with html content
  76. Does jQuery/Ajax send cookies when using the rest API or do I need to somehow add them?
  77. Handling nonce generation in AJAX registration process
  78. How to change user avatar using REST API?
  79. How to login to WordPress site using basic authentication HTTP headers?
  80. REST API URL parameters not working with apache server
  81. Adding post fields in wp-json/wp/v2/search
  82. Can we access the REST request parameters from within the permission_callback to enforce a 401 by returning false?
  83. How to Pull ALL Posts, Categories, or Tags in WordPress REST API
  84. rest api authentication
  85. Unable to get the info of the user which doesn’t have created any post via REST API
  86. Trying to get an api request getting error 404
  87. Upload image to wordpress using REST API
  88. How can I set status=’publish’ for all featured images?
  89. Can I define multiple callback methods depending on the call method?
  90. Filter post content in REST API
  91. WordPress Gutenberg get page template value when post updated?
  92. rest_post_query on multiple post types?
  93. WP Rest API convert permalink to post ID for fetch
  94. Does accessing WordPress via REST API affect the site stats and analytics?
  95. Wp Rest Api Custom Endpoint for page subpages
  96. x-wp-nonce is not allowed by Access-Control-Allow-Headers in preflight response
  97. WordPress REST API “rest_authentication_errors” doesn’t work external queries?
  98. How should an old API version be deprecated gracefully?
  99. How to get around WP REST API per page limit without pagination?
  100. How to update custom meta fields with rest api?
Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)