Getting 403 response code

[marco910]

I've installed this plugin as described in the README.md and so far it works.

When I request a new authToken with this query I get a new token for another authenticated request:

mutation LoginUser {
  login( input: {
    clientMutationId: "uniqueId",
    username: "username_here",
    password: "password_here"
  } ) {
    authToken
    user {
      id
      name
    }
  }
}

When I use the received authToken as Authorization header in another query, I can query private drafts from my WordPress site, but I also get a 403 response. That's no problem for my GraphQL client on the Mac but for Apollo Client. The Apollo Client fails when trying to make an authenticated request with the authToken because of the 403 response.

What am I doing wrong or how can I fix this?

[kamatheuska]

I am having the same issue, did you find any solution? Also, I get the requested data as well, along with the 403

[marco910]

@kamatheuska I wasn't able to fix it, and I'm using Basic Auth now: https://github.com/WP-API/Basic-Auth

Please not, that Basic Auth is only "secure" if you use it with HTTPS.

[vorasudh]

@jasonbahl Any ideas, or thoughts here? I am also facing this issue.

[ryntab]

A little late but I resolved this issue by setting my GRAPHQL_JWT_AUTH_SECRET_KEY in the wp-config.php where as i had it defined in the functions.php before.

Also make sure that you use something like: https://api.wordpress.org/secret-key/1.1/salt/

To generate the key

[peiris]

A little late but I resolved this issue by setting my GRAPHQL_JWT_AUTH_SECRET_KEY in the wp-config.php where as i had it defined in the functions.php before.

Also make sure that you use something like: https://api.wordpress.org/secret-key/1.1/salt/

To generate the key

Thanks for the tip!

[jennicar]

I followed @ryntab suggestion about putting the token in the wp-config file but that didn't work. For me, the token is working to authenticate and to run the queries, but it is still returning a 403.