Magento 2 – How to Retrieve Customer Order History with REST API

apicustomermagento2magento2.3.1orders

How can we get the customer order history over the rest API with the customer token.

If I'm trying the url

/V1/orders?searchCriteria[filter_groups][0][filters][0][field]=customer_email&searchCriteria[filter_groups][0][filters][0][value]=bob@fett.com&searchCriteria[filter_groups][0][filters][0][condition_type]=like

I'm getting this:

{
    "message": "The consumer isn't authorized to access %resources.",
    "parameters": {
        "resources": "Magento_Sales::actions_view"
    },
    "trace": "#0 /var/www/vhosts/store-api.silverwax.ca/httpdocs/vendor/magento/module-webapi/Controller/Rest/RequestValidator.php(68): Magento\\Webapi\\Controller\\Rest\\RequestValidator->checkPermissions()\n#1 /var/www/vhosts/store-api.silverwax.ca/httpdocs/vendor/magento/module-webapi/Controller/Rest/InputParamsResolver.php(80): Magento\\Webapi\\Controller\\Rest\\RequestValidator->validate()\n#2 /var/www/vhosts/store-api.silverwax.ca/httpdocs/vendor/magento/framework/Interception/Interceptor.php(58): Magento\\Webapi\\Controller\\Rest\\InputParamsResolver->resolve()\n#3 /var/www/vhosts/store-api.silverwax.ca/httpdocs/vendor/magento/framework/Interception/Interceptor.php(138): Magento\\Webapi\\Controller\\Rest\\InputParamsResolver\\Interceptor->___callParent('resolve', Array)\n#4 /var/www/vhosts/store-api.silverwax.ca/httpdocs/vendor/magento/framework/Interception/Interceptor.php(153): Magento\\Webapi\\Controller\\Rest\\InputParamsResolver\\Interceptor->Magento\\Framework\\Interception\\{closure}()\n#5 /var/www/vhosts/store-api.silverwax.ca/httpdocs/generated/code/Magento/Webapi/Controller/Rest/InputParamsResolver/Interceptor.php(26): Magento\\Webapi\\Controller\\Rest\\InputParamsResolver\\Interceptor->___callPlugins('resolve', Array, Array)\n#6 /var/www/vhosts/store-api.silverwax.ca/httpdocs/vendor/magento/module-webapi/Controller/Rest/SynchronousRequestProcessor.php(85): Magento\\Webapi\\Controller\\Rest\\InputParamsResolver\\Interceptor->resolve()\n#7 /var/www/vhosts/store-api.silverwax.ca/httpdocs/vendor/magento/module-webapi/Controller/Rest.php(188): Magento\\Webapi\\Controller\\Rest\\SynchronousRequestProcessor->process(Object(Magento\\Framework\\Webapi\\Rest\\Request\\Proxy))\n#8 /var/www/vhosts/store-api.silverwax.ca/httpdocs/vendor/magento/framework/Interception/Interceptor.php(58): Magento\\Webapi\\Controller\\Rest->dispatch(Object(Magento\\Framework\\App\\Request\\Http))\n#9 /var/www/vhosts/store-api.silverwax.ca/httpdocs/vendor/magento/framework/Interception/Interceptor.php(138): Magento\\Webapi\\Controller\\Rest\\Interceptor->___callParent('dispatch', Array)\n#10 /var/www/vhosts/store-api.silverwax.ca/httpdocs/vendor/magento/framework/Interception/Interceptor.php(153): Magento\\Webapi\\Controller\\Rest\\Interceptor->Magento\\Framework\\Interception\\{closure}(Object(Magento\\Framework\\App\\Request\\Http))\n#11 /var/www/vhosts/store-api.silverwax.ca/httpdocs/generated/code/Magento/Webapi/Controller/Rest/Interceptor.php(26): Magento\\Webapi\\Controller\\Rest\\Interceptor->___callPlugins('dispatch', Array, Array)\n#12 /var/www/vhosts/store-api.silverwax.ca/httpdocs/vendor/magento/framework/App/Http.php(136): Magento\\Webapi\\Controller\\Rest\\Interceptor->dispatch(Object(Magento\\Framework\\App\\Request\\Http))\n#13 /var/www/vhosts/store-api.silverwax.ca/httpdocs/generated/code/Magento/Framework/App/Http/Interceptor.php(24): Magento\\Framework\\App\\Http->launch()\n#14 /var/www/vhosts/store-api.silverwax.ca/httpdocs/vendor/magento/framework/App/Bootstrap.php(258): Magento\\Framework\\App\\Http\\Interceptor->launch()\n#15 /var/www/vhosts/store-api.silverwax.ca/httpdocs/index.php(39): Magento\\Framework\\App\\Bootstrap->run(Object(Magento\\Framework\\App\\Http\\Interceptor))\n#16 {main}"
}

I've tried to the proposal of @aaditya in the question but it's doesn't work.

Best Answer

To extend the rest API endpoint of orders(which is originally customer has no access) in order to access it using customer's token, You have to create a custom endpoint as well otherwise the endpoint /V1/orders will still inaccessible for the customer.
Check below example:

<?xml version="1.0"?>
<routes xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Webapi:etc/webapi.xsd">
    <route url="/V1/orders/custom" method="GET">
        <service class="Magento\Sales\Api\OrderRepositoryInterface" method="getList"/>
        <resources>
            <resource ref="self"/>
        </resources>
    </route>
</routes>

And you can use the custom endpoint /V1/orders/custom to get orders list of the customer using customer's token.

Related Solutions

Magento 2.2.2 REST API – How to Change Customer Password

I have seen you are passing parameter in Form-Data that might be the reason you are facing this kind of issue instead of Form-data select parameter as RAW - then choose JSON(application/json) !

Also you are passing customerId=146 in URL - so you actually don't need to pass this in parameter - as it is for that specific user only so !!

Below i am sharing exact endpoint with parameters which you need to pass in POSTMAN.

Endpoint - http://magento.host/rest/V1/customers/me/password?customerId=146

Headers - Authorization bearer your_access_token

Content - Type - application/json

Body :

{
  "currentPassword": "current_password",
  "newPassword": "new_password"
}

Method Name : PUT

For more reference refer this link - https://devdocs.magento.com/swagger/#!/customerAccountManagementV1/customerAccountManagementV1Change...

Magento – “Class mixed does not exist” with only one array param in the body in Magento 2

Class interface:

/**
 * Description
 *
 * @param string[] $items
 * @return array
 */
public function replaceItems($items);

Valid scalar types include: mixed (or anyType), bool (or boolean), str (or string), integer (or int), float, and double

Any parameters or return values of type array can be denoted by following any of the previous types by an empty set of square brackets []

@return array|int|string|bool|float Scalar or array of scalars

Reference

https://devdocs.magento.com/guides/v2.2/extension-dev-guide/service-contracts/service-to-web-service.html

Best Answer

Related Solutions

Magento 2.2.2 REST API – How to Change Customer Password

Magento – “Class mixed does not exist” with only one array param in the body in Magento 2

Related Topic