Hi,
We recently moved our Magento website (1.9.6.3) from one cPanel server to a new cPanel VPS. On the old server we were able to GET and Post successfully using oAuth 1.0 (consumer key and token). Since we moved to the new server, we get a 403 Access Denied error. Consumer key, secret, token, token secret, account roles, etc are all the same on both servers.
Following is a log extract from /var/log/exception.log
2017-11-09T05:35:12+00:00 ERR (3):
exception 'Mage_Api2_Exception' with message 'Access denied' in /home/refoil/public_html/app/code/core/Mage/Api2/Model/Server.php:217
Stack trace:
#0 /home/refoil/public_html/app/code/core/Mage/Api2/Model/Server.php(106): Mage_Api2_Model_Server->_allow(Object(Mage_Api2_Model_Request), Object(Mage_Api2_Model_Auth_User_Guest))
#1 /home/refoil/public_html/api.php(73): Mage_Api2_Model_Server->run()
#2 {main}
The log shows that the Authenticated user is using Guest Role, so is the oAuth credentials not being passed through correctly? We tested this using Postman on both servers using the same request.
Are there any settings in the default install of cPanel that could block the header information that contains the oAuth credentials?
Thanks, any help will be appreciated.