|
youtech2012
|
January 10, 2020 at 10:07 am
I’m working with a CRM and they are trying to run script to export registrants to from Event Espresso and import them into their database. I have created an administrator user and the script allows the user to pull contacts and create contacts.
Here is the error code and the script I’m running.
{ code: 'rest_cannot_create_attendees',
message:
'Sorry, you are not allowed to create attendees. Missing permissions: ee_edit_contacts',
data: { status: 403 } }
'https://www.adultfinancialed.org/wp-json/ee/v4.8.36/events?' +
&_authorization=${auth_string} +
'&include=EVT_name,EVT_ID,Attendee.ATT_full_name,Attendee.ATT_email,Attendee.ATT_phone,Attendee.TXN_ID,Registration.url_link,Datetime.DTT_ID,Datetime.Ticket.TKT_ID,Datetime.Ticket.TKT_name,Datetime.Ticket.TKT_price' +
'&where[EVT_name][]=LIKE' +
&where[EVT_name][]=%25${afes_code}%25
We are running Version 4.10.2.p and my website is adultfinancialed.org
-
This topic was modified 4 years, 3 months ago by
 Josh. Reason: formatting
|
|
Josh
|
January 10, 2020 at 4:41 pm
Hi,
Part of this appears to be an authentication issue. May I ask what type of authentication are you using? The Event Espresso 4 plugin has Basic Authentication bundled, so you could use that method.
https://github.com/WP-API/Basic-Auth
|
|
youtech2012
|
January 13, 2020 at 9:35 am
We are using a very similar basic auth to that, but passing it in as a URL parameter instead of a header. It seems to be the same token though. I’ve gotten passed the authorization errors at this point, but it looks like there were enough changes in the Event Espresso API that I’ll have to rewrite some requests.
|
|
youtech2012
|
January 14, 2020 at 12:51 pm
It turns out we had not gotten passed the authorization errors as we previously thought. We are having the same issue still. We are using Basic Auth like this:
auth_string = 'Basic base64encodedversionof<{WP_USERNAME}:{WP_PASSWORD}>
and tried passing it along through both the _authorization URL parameter, and the Authorization header with no luck. We previously had this working using the URL parameter with no issue on 4.8.38, but now have problems on 4.10.2.
|
|
Josh
|
January 15, 2020 at 8:54 am
Circling back to the error message posted in the original post here, the message doesn’t make sense for the URL (it says they don’t have permission to create attendees but the URL is requesting to view events). So we may not have enough details for why you’re getting the error.
That said, if the normal WordPress API Basic Auth plugin is activated, the _authorization GET parameter won’t work (the HTTP header would still work). That may be the issue. So one thing you could try is install and activate the WordPress API Basic Auth plugin, then pass the username & password via the HTTP header.
|
|
youtech2012
|
January 15, 2020 at 10:04 am
I think I shared the wrong URL initially. The error is actually being generated from this request:
const attendee = await fetch(https://mywebsite.com/wp-json/ee/v4.8.36/attendees?_authorization=${auth_string}`, {
method: ‘POST’,
headers: {
‘cache-control’: ‘no-cache’,
‘content-type’: ‘application/json’,
Authorization: auth_string,
},
body: JSON.stringify({
ATT_slug: registration.prospect.full_name.toLowerCase().replace(/\s+/g,’-‘).replace(/[^0-9A-Za-z_\-]/g,”) + ‘-‘ + moment().format(‘X’),
ATT_fname: registration.prospect.first_name,
ATT_lname: registration.prospect.last_name,
ATT_phone: String(registration.prospect.phone),
ATT_email: registration.prospect.email,
ATT_address: [registration.prospect.address_components.street_number, registration.prospect.address_components.street].join(” “),
ATT_city: registration.prospect.address_components.city,
ATT_zip: registration.prospect.address_components.zip,
ATT_full_name: registration.prospect.full_name,
ATT_created: moment(registration.created_at).format(),
ATT_modified: moment(registration.updated_at).format(),
}),
})`
I’ve tried it with both authorization methods, as well as using them individually.
—
I installed the WordPress API Basic Auth plugin from github and was able to get around this using the Authorization header. Not sure why the URL method stopped working, but hey at least the system is running again!
Thanks for your help Josh!
|
