REST API Working for GET but not for POST?

Question

I am trying to create a post through the REST API.

I am able to access the API by getting the existing posts, as per the screenshot below:

However, when I try to do a similar request to create a new post, the API responds that I am not allowed to create posts:

I have tried submitting the request with my admin credentials, as well as with an editor user I created just for this. I am using basic authentication just to check if the process is working, and after that I will switch to JWT or OAuth.

What am I missing here?

UPDATE: Added a screenshot with Postman authorization tab, as that was not visible from the previous screenshot.

I have also tried 2 different approaches of changing .htaccess but none of them has worked. I tried adding both

SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 

and

RewriteCond %{HTTP:Authorization} ^(.) RewriteRule ^(.) - [E=HTTP_AUTHORIZATION:%1] 

When I do a GET request to wp-json endpoint, I don't see any authentication method. Is basic authentication supposed to appear there?

Answer 1

Have you tried ignoring the csrf. If not you can do it by creating a new Configuration file. Here is the configuration code to tell spring to ignore the csrf( Cross Site Request Forging) for us.

@Configuration public class SpringSecurityConfig { @Bean public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception{ httpSecurity.csrf().ignoringRequestMatchers("/api/**"); return httpSecurity.build(); } } 

Try this and let me know if it doesn't work.