Overview
If you are trying to view a protected endpoint (products, orders, users, etc), the access token MUST belong to a user that has “manager” capabilities. Currently, there is no workaround for this and is a limitation/restriction put in place by WooCommerce.
In some scenarios, removing the PUT method from WP OAuth Server’s request controller will allow calls to be passed correctly through to WooCommerce. You can see some examples of filters below that will remove PUT if needed.
JSON API Solution
function wo_woo_api_fix( $methods ) {
if ( ( $key = array_search( 'PUT', $methods ) ) !== false ) {
unset( $methods[ $key ] );
}
return $methods;
}
add_filter( 'wo_create_from_globals_json', 'wo_woo_api_fix' );
URLEncode POST Solution
function wo_woo_api_fix( $methods ) {
if ( ( $key = array_search( 'PUT', $methods ) ) !== false ) {
unset( $methods[ $key ] );
}
return $methods;
}
add_filter( 'wo_create_from_globals_urlencoded', 'wo_woo_api_fix' );
Place this filter in the directory of the active theme or create a new plugin, add the function and activate the plugin.