Rest API authentication issue when called from fetch request in bundle.js

The problem is that you’re not using the correct name for the REST API nonce header — the correct name is X-WP-Nonce, but you used X-WP-Header:

fetch('http://localhost/wptest2/?rest_route=/wp/v2/users/me', {
  method : 'get',
  mode : 'cors',
  headers : {
    'Access-Control-Allow-Origin' : '*',
    'X-WP-Header' : _wpnonce // here you used the wrong name
  }
})

Reference from the REST API Handbook:

For developers making manual Ajax requests, the nonce will need to be
passed with each request. The API uses nonces with the action set to
wp_rest. These can then be passed to the API via the _wpnonce data
parameter (either POST data or in the query for GET requests), or via
the X-WP-Nonce header.

So make sure to use the correct header name. 🙂

Related Posts:

  1. Authentication with the Rest API when using an External Application
  2. How to delete a cookie?
  3. nodejs – error self signed certificate in certificate chain
  4. javascript set cookie with expire time
  5. display variable image using cookies
  6. jQuery $.cookie is not a function
  7. How do I set/unset a cookie with jQuery?
  8. Make Axios send cookies in its requests automatically
  9. How do I create and read a value from cookie?
  10. How do I remove documents using Node.js Mongoose?
  11. Get cookie by name
  12. How do I check if a cookie exists?
  13. Nonce retrieved from the REST API is invalid and different from nonce generated in wp_localize_script
  14. REST API: Backbone and custom endpoint
  15. Gutenberg custom block plugin with custom image sizes
  16. Get loading state of wp data selector
  17. How to build a plugin that supports authenticated POST requests to the REST API from external servers?
  18. WP REST – video and audio players
  19. Headless WordPress: How to authenticate front end requests?
  20. Post to WordPress using REST API from external site
  21. How to handle malformed response from WP REST API?
  22. Get HTTP response code on non-2xx apiFetch request
  23. Can’t GET draft posts via REST API from headless frontend
  24. Rest API invalid nonce with Backbone Client
  25. Logout user and delete cookies from the client side?
  26. WP REST API Post Status Using JavaScript
  27. How to transform a legacy widget into a block
  28. How to save generated JWT token to cookies on login?
  29. Get Block Attributes in JSON REST API
  30. Setting/unsetting terms using the Backbone JavaScript client
  31. Checks when fetching data from multiple REST API endpoints in Gutenberg
  32. Search for a keyword across post types in a Gutenberg component
  33. Using apiFetch for retrieving post data in Gutenberg
  34. How to generate the COOKIEHASH from JavaScript
  35. Get terms of a taxonomy using useSelect
  36. Return ‘X-WP-Total’ from headers in response
  37. How to render WP Rest-API Endpoints in a React.js Theme with Woocommerce
  38. Retrieving data about comments and likes
  39. how to use nimble-API and Display data?
  40. Log in user using WordPress REST API
  41. How to verify which WordPress user requested the API in ASP .NET Core?
  42. Check if user can in javascript
  43. wp-api Backbone JS Client fetch options
  44. Why does my array sort order changes when I pass it to JS using WP_REST_Response?
  45. Rest API and how to deal with it in server side
  46. Access checks with custom REST endpoints and backbone
  47. Console Messages: A cookie associated with a cross-site resource at
  48. The same session information for peer users on two different WordPress servers
  49. [Vue warn]: Error in render: “TypeError: Cannot read property ‘wp:featuredmedia’ of undefined – REST API
  50. Update block once an API request returns with a value
  51. Get user in rest API endpoint
  52. How to improve WP-Rest atrocious response time?
  53. How are cookie values encoded?
  54. I would like to retrive JSON value and display it in wordpress page or widget
  55. Connecting a wordpress site to an AngularJS APP
  56. WordPress REST API response is empty in browser and script, but not in Postman
  57. WP REST API – “rest_user_cannot_view” ONLY on specific users
  58. Rest Api WordPress
  59. Get Comment Text via REST API
  60. Embedded data and the _fields parameter in getEntityRecords
  61. REST API not returning all tags – is there a way to return all tags even ones that are not part of published posts?
  62. Get a default customizeAction text for a section using Customizer JS API
  63. Dynamically write in editor with Javascript
  64. Redirect to homepage if attmpting to leave intranet [closed]
  65. Taxinomy slug as var in parent archive page, without having a specific taxinomy page
  66. Twenty seventeen theme dropdown menu issue
  67. How to verify that a field has a value before adding a term to a taxonomy
  68. Including js script at end of header
  69. Where is fusion-gmap-container?
  70. Dynamically changing logo on scroll function [closed]
  71. Escaping quotes while enqueuing scripts
  72. Loading posts outside wordpress
  73. The page isn’t redirecting properly was given when redirecting
  74. Cookie is not set
  75. How To Pull Information From A Page And Input The Data In The WordPress User Database Table
  76. How to register or enqueue script and stop it being called in head?
  77. Notify user we would like them to clear their cookie. Provide a working button to clear cookies for user
  78. How to correctly load this jquery script through the file functions.php?
  79. contact form 7 javascript and wpcf7_before_send_mail action
  80. Adding javascript script to header via functions.php
  81. Variations Javascript not working when product display on Quick view via ajax
  82. adding script tag in head of specific pages
  83. How to use value from modal tinymce windowManager?
  84. how to refresh page after user logout with ‘wp_logout_url’?
  85. Open image gallery on link click
  86. How do I call for two js files into a custom template?
  87. How to delay display of page elements until enqueued script has injected html
  88. load-scripts.php loads incorrect file names
  89. How to change number field to text field using JS
  90. Enqueue concatinated JS file in WordPress
  91. Custom Media Meta fields to alter the generated image HTML that is inserted into a post for my animated GIF image player?
  92. wp_enqueue_scripts doesn’t work for template pages
  93. WordPress text widget with onclick function
  94. Create new product with woocommerce REST API with javascript (clientside)?
  95. Can’t change javascript files
  96. how to do open a link in a open window from menu bar? [closed]
  97. Combining results from WP-API using AngularJS
  98. Logged In cookie gets saved but not Auth cookie
  99. JavaScript and Google PageSpeed + wp_enqueue_script
  100. Javascript file doesn’t load
Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)