Header authorization may not work as expected

Documentation under "Common Issues" for WP OAuth Server


You may receive this message in the server status page of the plugin. This message is simply indicating that you are more than likely running PHP in FastCGI. FastCGI has known issues with passing authorization headers through to the server due to the way it is setup.

If you are experiencing issues with authorization headers not working and this message appears in the server status info, you can try the following for a solution.

Solution 1

– Run PHP Natively without PHP FastCGI or CGI running.

Solution 2

If you are still experiencing issues, please contact support.

# BEGIN WordPress

RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]


# END WordPress

Solution 3

In some cases, solution 2 will not work and the server environment needs to be told to pass the authorization. See the .htaccess example below.

# BEGIN WordPress

RewriteEngine On
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]


# END WordPress


Search Documentation

Common Issues Articles

Below is a list of "Common Issues" documentation articles.

OAuth Server 3.7.3

WP OAuth Server Pro allows for Unlimited clients and multiple grant types.

BUY NOW