Magento 2 – Custom REST API Endpoint Authorization Issue

aclindexermagento2rest api

I'm trying to expose the getLatestUpdated() method of the Indexer class through the REST API. The endpoint is getting an auth token and all that – I can use protected endpoints no problem. What resources should I have requested or how can I give my extension permission to use the resource?

Here is what my webapi.xml looks like:

<?xml version="1.0"?>
<routes xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Webapi:etc/webapi.xsd">
    <route url="/V1/GetIndexerInfo/id/:id" method="GET">
        <service class="MyCompany\GetIndexerInfo\Api\GetIndexerInfoInterface" method="getInfo"/>
        <resources>
            <resource ref="Magento_Indexer::Indexer"/>
        </resources>
    </route>
</routes>

Best Answer

ref. Required. Referenced resource.

Valid values are self, anonymous, or a Magento resource, such as Magento_Customer::group.

 <route url="/V1/customers/:id" method="PUT">
        <service class="Magento\Customer\Api\CustomerRepositoryInterface" method="save"/>
        <resources>
            <resource ref="Magento_Customer::manage"/>
        </resources>
 </route>

Now open acl.xml file where ref Magento resource, Magento_Customer::manage is defined

And this resources are visible under the Magento 2 admin System > Permissions > User Roles area. When we click on the Add New Role button or access to a role.

like this,

Best Answer

Related Solutions

Magento – Consumer is not authorized to access %resources REST API

Magento – magento 2 captcha not rendering if I override layout xml

Related Topic