REST API: How can I restrict a custom post type to only be accessible by authenticated users?

Looks like I found a snippet that do exactly that.
It’s from Daniel Bachhuber, the API developer.

add_filter( 'rest_authentication_errors', function( $result ) {
    if ( ! empty( $result ) ) {
        return $result;
    }
    if ( ! is_user_logged_in() ) {
        return new WP_Error( 'restx_logged_out', 'Sorry, you must be logged in to make a request.', array( 'status' => 401 ) );
    }
    return $result;
});

This is posted in his gist on GitHub.

Related Posts:

  1. With Rest V2 (WP4.7) how does one restrict certain RESTFUL verbs?
  2. Fetch All Posts (Including Those Using a Custom Post Type) With WordPress API
  3. How to assign specific users the capability to edit specific pages / posts / custom post types
  4. Show custom post type endpoint in REST API just if user has capability
  5. Allow Users Access to Custom Post Type Only
  6. Custom post type capabilities require “create_posts” to access the edit posts list page
  7. How do I get the intended post type of a revision post?
  8. How to restrict CPT post’s fronted view only for specific user roles?
  9. Exclude objects from WordPress API based from ACF field using rest_prepare_{$post_type}
  10. Custom REST endpoint not working to retrieve single posts (“rest_no_route”)
  11. How to handle this specific case of custom post type?
  12. How can I remove “Add new” button on custom post type
  13. Capabilities and Custom Post Types
  14. Custom post type role permissions won’t let me read
  15. Allow user to Edit Posts but not Add New?
  16. How do I Filter Custom Post Type by Custom Taxonomy in the newest WordPress RESTful API?
  17. Confusion with adding meta capabilities to a role after registering a Custom Post Type with corresponding ‘capability_type’ parameter
  18. Notice: map_meta_cap was called incorrectly
  19. WP Rest API Querying Custom Posts by ACF fields
  20. How to not allow custom roles to edit published custom post types?
  21. How to get dynamically custom post type that are under a certain category
  22. Get the Category Name instead of ID from WP-API
  23. create a back-end wordpress content submission using custom post type
  24. How do I code access to the built-in UI of a CPT when it’s placed as submenu of another CPT that is protected by role?
  25. Get custom post type REST API not working
  26. Custom role capabilities to administrator not taking effect (no plugin)
  27. Prevent author role from editing all posts in custom post type?
  28. How to add custom fields to admin UI and REST API response?
  29. Custom search with Custom Fields in WP REST API?
  30. Custom Post Type and API REST is not working
  31. React post to WordPress custom post type
  32. How would you associate location data with a post?
  33. Custom Post-to-Post with multiple parents?
  34. Cannot attach media when capabilities added to custom post type
  35. Add custom parameter to REST API request of a custom post type?
  36. Custom Taxonomy Invalid in REST API
  37. Role capability delete multiple post type posts doesn’t work
  38. Define new user capability for custom post types?
  39. Cannot add custom field to “orderby” parameter in Rest API
  40. Getting meta in editor plugin, and event triggering issue
  41. Adding user capabilities for a custom taxonomy of a custom post type for a custom user
  42. Restrict Access to Posts based on Custom User and Post Meta Data
  43. Database to page routing API?
  44. Expose a custom field of a custom post type to the REST API
  45. Custom post type archive page – Posts overview – with one modal for multiple posts?
  46. Callback to custom field is not working in WordPress REST API
  47. delete_published_posts does not work
  48. Custom Post Type not showing in Rest API on Multisite
  49. Able to edit custom post, but unable to create new custom post when within submenu. What capability is missing?
  50. Allow add new post access to custom post but not wp post for some role
  51. Cannot Create new Post within Custom Post Type
  52. Create custom post with custom user rules
  53. How to add/edit advanced custom fields on custom post type’s WordPress REST API?
  54. Create custom post with meta field with AJAX and the WordPress REST API
  55. WordPress API for custom post types returns rest_no_route
  56. Conflict between Capabilities and Menu Visibility with Custom Post Types
  57. Adding guestbook to my wordpress site
  58. Role capabilities issue
  59. WP API Response does not show my registered metadata
  60. REST filters only firing when I have a param set
  61. How to handle new post from API request?
  62. wp-json API: not logged in when clicking link to the API from admin mode
  63. WordPress as a backend for external service? [closed]
  64. Restrict category access to specific users/groups. Author always has access
  65. Custom capabilities not reflecting on admin panel
  66. Custom Post Type not working with Capabilities
  67. Post/Custom Post Type URL Access
  68. Roles and Capabilities in Custom Post Types
  69. custom post type capabilities – needs to be VERY secure
  70. How to fix the Post Preview Button (CPT & map_meta_cap)
  71. Restrict Custom Post Type per role in Dashboard
  72. Restrict access to custom post type based on its taxonomy terms
  73. How can I create new CustomPostType record using wp.api.collections?
  74. Custom endpoint filtering post by custom taxonomies
  75. wp rest api orderby field in a custom table
  76. How To Read Read Custom Post Type Data in Headless CMS Mode
  77. URL issue retrieving Custom Post Types using Backbone JS API
  78. How to add field to custom post type endpoint
  79. How can I add a meta[] to my custom post type and search by term with the Rest API?
  80. Can’t see post status drop down for custom post type
  81. Issue with CPT posts within WP REST API showing as []
  82. Saving custom post types post_meta over REST-API fails
  83. WooThemes – Vendors / Bookings – Allow Vendors to manage resources
  84. How do you make a custom post type invisible for subscribers
  85. WordPress API only returning HTML
  86. How to create new permission for custom post types for doing specific tasks
  87. Capabilities and mapping required for a role to be able to edit other’s posts of a custom type, BUT only be able to edit their own blog posts
  88. Weird capabilities / roles behavior
  89. creating different edit screens for different roles
  90. Capability to edit own post, but not create new one
  91. What would prevent a custom role from viewing posts (both standard and custom)?
  92. Capability to read user’s own draft post of CPT
  93. Custom post type & role issues
  94. Allowing logged in users to create custom posts
  95. wp_insert_post not working for custom post type?
  96. Restrict editing of a custom post type based on status and user capabilities
  97. Store custom post type with JSON content
  98. Create settings page to enable or disable CPT
  99. Get all posts of any post type in a category from REST API
  100. How to consume external API from WordPress post editor and display the response data in the custom field?

Leave a Comment