Screenshot Say Goodbye to 2020 SAVE 20% on WP OAuth Server using "BYE2020" at checkout
GET DEAL

Invalid Token and Header Authorization Issues

Published: October 23, 2018 | Updated: December 28th, 2020
  1. Home
  2. Docs
  3. Common Issues
  4. Invalid Token and Header Authorization Issues

You may receive the warning “Header Authorization may not work as expected” message on the server status page of the plugin. This message is simply indicating that you are more than likely running PHP in FastCGI. FastCGI has known issues with passing authorization headers through to the server due to the way it is set up.

If you are experiencing issues with authorization headers not working and this message appears in the server status info, you can try the following for a solution.

Solution 1

– Run PHP Natively without PHP FastCGI or CGI running.

Solution 2

If you are still experiencing issues, please contact support.

# BEGIN WordPress

RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# END WordPress

Solution 3

In some cases, solution 2 will not work and the server environment needs to be told to pass the authorization. See the .htaccess example below.

# BEGIN WordPress

RewriteEngine On
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]


# END WordPress
Icon