[wp-trac] [WordPress Trac] #55286: Rest Cannot Create Application Passwords
WordPress Trac
noreply at wordpress.org
Tue Mar 1 17:03:18 UTC 2022
#55286: Rest Cannot Create Application Passwords
--------------------------+-----------------------------
Reporter: gonza.ar | Owner: (none)
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: REST API | Version: 5.7
Severity: normal | Resolution: invalid
Keywords: | Focuses: docs, rest-api
--------------------------+-----------------------------
Changes (by TimothyBlynJacobs):
* status: new => closed
* version: 5.9.1 => 5.7
* resolution: => invalid
* milestone: Awaiting Review =>
Comment:
Hi gonza.ar,
Welcome to Trac and thanks for the ticket!
This is intentional and is behaving as expected, you can see it covered by
unit tests here: https://github.com/WordPress/wordpress-
develop/blob/f0dfa682a5cf2004f468c18ba8d5c87c463cdeea/tests/phpunit/tests
/rest-api/rest-application-passwords-controller.php#L313
The context provided to the `current_user_can` check is the user that the
Application Password is being created for. This allows for using
`map_meta_cap` to further customize the capabilities required, see #51703.
If the global current user is empty, that means you aren't authenticated.
You'll need to authenticate before creating Application Passwords,
typically using cookies and a nonce: https://developer.wordpress.org/rest-
api/using-the-rest-api/authentication/
--
Ticket URL: <https://core.trac.wordpress.org/ticket/55286#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list