I'm using this link as my model for testing the REST API, and I get all the way through the authorize prompt to a "403 Forbidden" response (this is for both the customer and admin examples).
Invalid auth/bad request (got a 403, expected HTTP/1.1 20X or a redirect)
{"messages":{"error":[{"code":403,"message":"Access denied"}]}}
STEP 1 – I access this example URL: http://mywebsite.net/oauth_admin.php
STEP 2 – I see the login prompt and log in, along with seeing the token in the URL: http://mywebsite.net/admin/oauth_authorize?oauth_token=a35aa73f8bda2fce1d5d4db25628129d
STEP 3 – I get the desired authorize prompt:
STEP 4 – I click authorize and I get the above 403 response.
I have setup the REST user and role as according to the instructions at the above link, and believe I have followed all other steps – multiple times. I'm at a loss as to why this fails.
Has anyone else experienced this issue? I've also tried using the Firefox and Chrome API extensions with the same result.
UPDATE:
I found that someone else solved this issue when the request was passed over HTTPS. There is nothing in the tutorials mentioning a prereq SSL. Has anyone else successfully used REST without SSL? See their solution here–> Why do I get unauthorized for REST API
Best Answer
I can give you workable example:
System / Web Services / REST Roles
System / Web Services / REST Attributes / Select {Admin}
System / Web Services / REST OAuth Consumers
My magento url is http://mg1910.local.dev/
My http://mg1910.local.dev/oauth_admin.php is following:
As you can see my script receive 3 products.