JWT returns 403

Questions
1

Hello, I was trying to configure JWT in wordpress to acces my gamipress rest api.

I have everything set up, and it works just fine in Postman. But when I try to implement it in n8n to make automations, It doesn’t work at all…

Everytime I got a 403 with “You don’t have permission to access this resource”, even with the bearer token, etc…

Can anybody help me? Thank you!

2

can you use a http request bin/hook like https://requestbin.com/ to view and compare postman with n8n

Send postman request to bin and then n8n and compare

(PS: I don’t know if you can substitute the node url with request bin url but if you can you will see the problem)

2 Likes
3

Hi, George. Thank you for your answer! I did it and there is some in the hearders:

The Postman retuns this:

headers {13}
accept: /
accept-encoding: gzip, deflate, br
authorization Bearer (my token)
cache-control: no-cache
content-length: 354
content-type multipart/form-data; boundary=----WebKitFormBoundarywa7lz1IHFI4pB9Bx
host: a5a8a7fe8467638dbe06dc33ad74df10.m.pipedream.net
postman-token: c4d86c2c-a764-4e84-9790-17aa26834ab4
user-agent: PostmanRuntime/7.28.0
x-amzn-trace-id: Root=1-60acd174-085c33663413aae5779fc200
x-forwarded-for: 54.86.50.139
x-forwarded-port: 443
x-forwarded-proto: https

And the one from n8n this:
headers {10}
accept: application/json,text/*;q=0.99
accept-encoding: gzip, deflate
authorization Bearer (my token)
content-length: 68
content-type: application/json
host: 2555954495a3fdd430e76879e3f31c61.m.pipedream.net
x-amzn-trace-id: Root=1-60acd1ef-0278d78d4c9ace7f6cc95c19
x-forwarded-for: 165.227.150.49
x-forwarded-port: 443
x-forwarded-proto: https

I don’t know what to do next :smiley:

4

Are you using the HTTP node? cuz the Wordpress node does not support JWT. If so, how are you sending the JWT in the HTTP node?

5

Yes I’m using the http node! Like this!

{
  "nodes": [
    {
      "parameters": {
        "requestMethod": "POST",
        "url": "https://XXX/wp-json/wp/v2/gamipress/award-points",
        "options": {},
        "bodyParametersUi": {
          "parameter": [
            {
              "name": "user",
              "value": "XXX"
            },
            {
              "name": "points",
              "value": "XXX"
            },
            {
              "name": "points_type",
              "value": "XXX"
            }
          ]
        },
        "headerParametersUi": {
          "parameter": [
            {
              "name": "Authorization",
              "value": "Bearer token"
            }
          ]
        }
      },
      "name": "HTTP Request",
      "type": "n8n-nodes-base.httpRequest",
      "typeVersion": 1,
      "position": [
        670,
        320
      ]
    }
  ],
  "connections": {}
}
6

Ok, comparing the requests made by postman and n8n, there are a couple of differences:

  1. The n8n request does not include a user-agent. You can add this in the header as well.
  2. The n8n request uses content-type application/json whereas Postman uses multipart/form-data. To use multipart/form-data in n8n, check the image below.

image
image736×1496 70.4 KB

7

and there you go the answer…multi-part versus json payload…bins are the best method to SEE the error

1 Like
8

Wow. Problem solved!

Thank you both for your help!

Have a nice one!

9

Can you share what solved the issue exactly?

10

Yep!

I just added hearder with user-agent and checked multipart/form-data in the Body Content-Type!

2 Likes
11

you will not need user-agent