Wordpress REST API user registration

Question

I am trying to create new user with api v2 but i am getting

{ "code": "rest_cannot_create_user", "message": "Sorry, you are not allowed to create new users.", "data": { "status": 401 } }

as I understand this is due to not sending Nonce headers with the request. But i can't figure out how to get Nonce id.

Answer 1

as they said in this issue https://github.com/WP-API/WP-API/issues/2252 they are not supporting this feature. I had to create custom endpoint and functionality for signups.

Answer 2

Use this plug in https://wordpress.org/plugins/json-api-user/

and use this end point to get nonce http://localhost/api/get_nonce/?controller=user&method=register

Then let me know the result. Thanks

Answer 3

Since the post is from 2018 I would like to write a short update on what possibilities you have at this point.

The plugin JSON API User is still a thing and works great for that purpose.

The second solution I use for some of my customers is WP Webhooks - It is basically an extended webhook functionality that also lets you create users on your website.

Alternatively I use Zapier in combination with some code snippets to push the data through. I do this by setting up a json construct and send it to my website via POST through Zapier.

Answer 4

If you are working in WP, you can create a nonce and then send it in the request with

wp_create_nonce( 'wp_rest' );

This nonce can you convert to js just using some <?php tags folded by '' and savig in a variable.

const nonce = '<?php echo wp_create_nonce( 'wp_rest' ); ?>'

Sending in request:

fetch("https://your.website.com/wp-json/wp/v2/users", {
            method: "post",
            headers: {
                'Accept': 'application/json',
                'Content-Type': 'application/json',
                'authorization' : `Basic ${Your_encoded-bit64-username-password}`, 
                'X-WP-Nonce': `${nonce}`
            },

            //make sure to serialize your JSON body
            body: JSON.stringify({your_user_data})})
           .then(res=>res.json())
           .then(res=>console.log(res))
           .catch(err=>console.log(err)) 

Answer 5

If really you don't care about who can create an account you can:

go -> wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php

find ->

public function create_item_permissions_check( $request ) {

if ( ! current_user_can( 'create_users' ) ) {
    return new WP_Error(
        'rest_cannot_create_user',
        __( 'Sorry, you are not allowed to create new users.' ),
        array( 'status' => rest_authorization_required_code() )
    );
}

and just replace the code to always return true ->

public function create_item_permissions_check( $request ) {

if ( ! current_user_can( 'create_users' ) ) {
    return true;
}

is trickly, but that solve what i need.