Magento 2.4.2 REST API – Issue with Getting Current Customer Details Using Customer Token

I am using latest magento version 2.4.2
I have created customer token using postman eg.

https://<magento.host>/rest/V1/integration/customer/token

sending in body
{
"username" : "[email protected]",
"password" : "xyz@123"
}

works fine and give me access token in response

"ac00vd6q4bazfjjkufgxu"

After that
Now here I am trying to get customer details

https://<magento.host>/rest/V1/customers/me/
sending in header

Authorization : Bearer ac00vd6q4bazfjjkufgxu
Content-Type : application/json

Now here I am getting this response

    {
        "message": "The consumer isn't authorized to access %resources.",
        "parameters": {
            "resources": "self"
        },
        "trace": "#0 /public_html/<magentohost>/vendor/magento/module-webapi/Controller/Rest/RequestValidator.php(68): Magento\\Webapi\\Controller\\Rest\\RequestValidator->checkPermissions()\n#1 /public_html/<magentohost>/vendor/magento/module-webapi/Controller/Rest/InputParamsResolver.php(79): Magento\\Webapi\\Controller\\Rest\\RequestValidator->validate()\n#2 /public_html/<magentohost>/vendor/magento/framework/Interception/Interceptor.php(58): Magento\\Webapi\\Controller\\Rest\\InputParamsResolver->resolve()\n#3 /public_html/<magentohost>/vendor/magento/framework/Interception/Interceptor.php(138): Magento\\Webapi\\Controller\\Rest\\InputParamsResolver\\Interceptor->___callParent('resolve', Array)\n#4 /public_html/<magentohost>/vendor/magento/framework/Interception/Interceptor.php(153): Magento\\Webapi\\Controller\\Rest\\InputParamsResolver\\Interceptor->Magento\\Framework\\Interception\\{closure}()\n#5 /public_html/<magentohost>/generated/code/Magento/Webapi/Controller/Rest/InputParamsResolver/Interceptor.php(23): Magento\\Webapi\\Controller\\Rest\\InputParamsResolver\\Interceptor->___callPlugins('resolve', Array, Array)\n#6 /public_html/<magentohost>/vendor/magento/module-webapi/Controller/Rest/SynchronousRequestProcessor.php(85): Magento\\Webapi\\Controller\\Rest\\InputParamsResolver\\Interceptor->resolve()\n#7 /public_html/<magentohost>/vendor/magento/module-webapi/Controller/Rest.php(188): Magento\\Webapi\\Controller\\Rest\\SynchronousRequestProcessor->process(Object(Magento\\Framework\\Webapi\\Rest\\Request\\Proxy))\n#8 /public_html/<magentohost>/vendor/magento/framework/Interception/Interceptor.php(58): Magento\\Webapi\\Controller\\Rest->dispatch(Object(Magento\\Framework\\App\\Request\\Http))\n#9 /public_html/<magentohost>/vendor/magento/framework/Interception/Interceptor.php(138): Magento\\Webapi\\Controller\\Rest\\Interceptor->___callParent('dispatch', Array)\n#10 /public_html/<magentohost>/vendor/magento/framework/Interception/Interceptor.php(153): Magento\\Webapi\\Controller\\Rest\\Interceptor->Magento\\Framework\\Interception\\{closure}(Object(Magento\\Framework\\App\\Request\\Http))\n#11 /public_html/<magentohost>/generated/code/Magento/Webapi/Controller/Rest/Interceptor.php(23): Magento\\Webapi\\Controller\\Rest\\Interceptor->___callPlugins('dispatch', Array, Array)\n#12 /public_html/<magentohost>/vendor/magento/framework/App/Http.php(116): Magento\\Webapi\\Controller\\Rest\\Interceptor->dispatch(Object(Magento\\Framework\\App\\Request\\Http))\n#13 /public_html/<magentohost>/generated/code/Magento/Framework/App/Http/Interceptor.php(23): Magento\\Framework\\App\\Http->launch()\n#14 /public_html/<magentohost>/vendor/magento/framework/App/Bootstrap.php(263): Magento\\Framework\\App\\Http\\Interceptor->launch()\n#15 /public_html/<magentohost>/pub/index.php(29): Magento\\Framework\\App\\Bootstrap->run(Object(Magento\\Framework\\App\\Http\\Interceptor))\n#16 {main}"
    }

I have checked

/**
 * Perform authentication and authorization.
 *
 * @throws \Magento\Framework\Exception\AuthorizationException
 * @return void
 */
private function checkPermissions()
{
    $route = $this->router->match($this->request);
    if (!$this->authorization->isAllowed($route->getAclResources())) {
        $params = ['resources' => implode(', ', $route->getAclResources())];
        throw new AuthorizationException(
            __("The consumer isn't authorized to access %resources.", $params)
        );
    }
}

$this->authorization->isAllowed($route->getAclResources()) return false when trying to get customer details everytime

If you guys have any Idea please share

Any help will be appreciated

Best Answer

You are receiving that error for a good reason. As per https://magento.redoc.ly/2.4.2-customer/, the customer role doesn't have access to details retrieval endpoints, only the admin role does.

The only endpoint that I found remotely retrieving what you might need is https://magento.redoc.ly/2.4.2-customer/tag/cartsmine#operation/quoteCartManagementV1GetCartForCustomerGet but this won't work if your customer doesn't have an active cart I suppose.

Best Answer

Related Solutions

Magento 2.2.2 REST API – How to Change Customer Password

Magento – “Class mixed does not exist” with only one array param in the body in Magento 2

Related Topic