I was passing in a custom HttpClient that was using basic authentication. However, this authentication was not being used in calls to the Wordpress API. It seemed it was authenticating as I could obtain users and posts and pages, but when I tried to update or delete a user, I'd get a 403 Sorry, you are not allowed to delete this user. I pulled my hair out and I think this is a bug and wanted to help others avoid the frustration. I had to call UseBasicAuth on the Wordpress Client and that solved the issue. The line I added is ** highlight below.
var username = "";
var appPassword = "**"; // The one you generated in WP profile
var credentials = Convert.ToBase64String(
Encoding.ASCII.GetBytes($"{username}:{appPassword}")
);
var handler = new HttpClientHandler();
var httpClient = new HttpClient(handler);
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", credentials);
var client = new WordPressClient(httpClient, "https://*******.wpenginepowered.com/wp-json/wp/v2/");
// Although my above http client is being configured with basic authentication, I needed to call the below line as well.
client.Auth.UseBasicAuth(username,appPassword); ** THIS FIXED THE ISSUE
WPClient = client;
I was passing in a custom HttpClient that was using basic authentication. However, this authentication was not being used in calls to the Wordpress API. It seemed it was authenticating as I could obtain users and posts and pages, but when I tried to update or delete a user, I'd get a 403 Sorry, you are not allowed to delete this user. I pulled my hair out and I think this is a bug and wanted to help others avoid the frustration. I had to call UseBasicAuth on the Wordpress Client and that solved the issue. The line I added is ** highlight below.
var username = "";
var appPassword = "**"; // The one you generated in WP profile
var credentials = Convert.ToBase64String(
Encoding.ASCII.GetBytes($"{username}:{appPassword}")
);
var handler = new HttpClientHandler();
var httpClient = new HttpClient(handler);
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", credentials);
var client = new WordPressClient(httpClient, "https://*******.wpenginepowered.com/wp-json/wp/v2/");
// Although my above http client is being configured with basic authentication, I needed to call the below line as well.
client.Auth.UseBasicAuth(username,appPassword); ** THIS FIXED THE ISSUE
WPClient = client;