[wp-trac] [WordPress Trac] #55286: Rest Cannot Create Application Passwords

WordPress Trac noreply at wordpress.org
Tue Mar 1 17:03:18 UTC 2022


#55286: Rest Cannot Create Application Passwords
--------------------------+-----------------------------
 Reporter:  gonza.ar      |       Owner:  (none)
     Type:  defect (bug)  |      Status:  closed
 Priority:  normal        |   Milestone:
Component:  REST API      |     Version:  5.7
 Severity:  normal        |  Resolution:  invalid
 Keywords:                |     Focuses:  docs, rest-api
--------------------------+-----------------------------
Changes (by TimothyBlynJacobs):

 * status:  new => closed
 * version:  5.9.1 => 5.7
 * resolution:   => invalid
 * milestone:  Awaiting Review =>


Comment:

 Hi gonza.ar,

 Welcome to Trac and thanks for the ticket!

 This is intentional and is behaving as expected, you can see it covered by
 unit tests here: https://github.com/WordPress/wordpress-
 develop/blob/f0dfa682a5cf2004f468c18ba8d5c87c463cdeea/tests/phpunit/tests
 /rest-api/rest-application-passwords-controller.php#L313

 The context provided to the `current_user_can` check is the user that the
 Application Password is being created for. This allows for using
 `map_meta_cap` to further customize the capabilities required, see #51703.

 If the global current user is empty, that means you aren't authenticated.
 You'll need to authenticate before creating Application Passwords,
 typically using cookies and a nonce: https://developer.wordpress.org/rest-
 api/using-the-rest-api/authentication/

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/55286#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list