cancel
Showing results for 
Search instead for 
Did you mean: 

The consumer isn't authorided to access %resources

The consumer isn't authorided to access %resources

Hello everyone!
I've installed a Magento commerce using Docker, following this tutorial: https://github.com/echo-magento/docker-magento2
But I'm trying to create a product via API but I'm getting this error:

{
  "message": "The consumer isn't authorized to access %resources.",
  "parameters": {
    "resources": "Magento_Catalog::products"
  }
}

I already created an integration with 'ALL' permission, I'm sending the request using Bearer and with my generated 'Access Token' but nothing works...

4 REPLIES 4

Re: The consumer isn't authorided to access %resources

Hello @ggonpereira99a 

 

Follow the below settings to fix the API issue.

 

Login to Admin >> Stores >> Stores >> Settings >> Configuration >> SERVICES >> Magento Web API >> Web API Security >> Allow Anonymous Guest Access: Yes

 

Hope it helps!

Thanks.

Problem solved? Click Accept as Solution!

Re: The consumer isn't authorided to access %resources

Hello ggonpereira99a,

 

The error message "The consumer isn't authorized to access %resources." comes when the API endpoint resource is "Self," So in this, you need to pass the customer token in that API not only in the above API but in each "Self" resource API.

There are 3 types of resources in Magento API:

 

1. Administrator or Integration: Resources for which administrators or integrators are authorized. For example, if administrators are allowed for the Magento_Customer::group resource, they can make a GET /V1/customerGroups/:id call.

 

2. Customer: Resources with "anonymous" or "self" permission.

 

3. Guest user: Resources with anonymous permission 

 

So there are three types of resources; when you check the endpoint which you are hitting, you will see in its webapi.xml file that the resource type is self which is the number point.

 

For this, you need to generate a customer token using Magento default Customer Token API using the below endpoint:

 

/V1/integration/customer/token

 

And need to pass the below request Parameter:

 

 

{
"username": "pass customer email id",

"password": "pass customer password",

"device":"Device type from which you login"
}

 

 

Once you pass these and hit this POST API, it will return a token for you. Then you just need to pass it in your API header where you faced the error. To pass in the header, you will have to pass it such as:

Authorization :bearer<space><the token generated for customer>

Once you do, this API will work.

 

Note: This customer Token generates automatically when the customer gets login, so you just need to pass that token in all those API that is "self" type.

 

I hope the above information will help you to resolve the error.

 

-----------------------

Regards,
Rex M

 

Magento Hosting | VPS Hosting

Re: The consumer isn't authorided to access %resources

Hi @Bhanu Periwal 

I did this but nothing happened. Still getting the 401 error.
I also flushed the cache too, but nothing changed...

Re: The consumer isn't authorided to access %resources

Hi @rexaccuweb03d6

Ok. Basically what I'm trying to do is make a POST to /rest/V1/products

I tried to get an admin token making a post with the admin username/password to this URL:
/V1/tfa/provider/google/authenticate or to this one /rest/V1/integration/admin/token (for non tfa websites) and I made the request to the same endpoint (the products one) and I was able to create it correctly.

But in my scenario I'd rather to user the option to only generate a token (in the case of the Integration way, that I tried) and then the user just gives me this token. Without the need for the user to give me his admin username and password so I can make a request and get this other type of token.

I don't really know if I was clear on my objective. But basically I'd like a 'easy' and 'more secure' way for the user to give me an access token, gotcha? So if I could make the way to only generate a Integration token it would be much better.

The only endpoint I need is the /rest/V1/products one.