masyia

@threadi @bcworkz Thank you for the tips. I tried to use base64 encoded access details with same result: post is created with 6.3.1

curl -i -X POST -d '{ "title": "New Article Title", "content": "Your article content goes here.", "status
": "draft" }' -H 'Content-Type: application/json' -H "Authorization: Basic <base64encoded adminuser:password>." https://domain.com/wp-json/wp/v2/posts/  
HTTP/1.1 201 Created

and got an error with 6.4.1

curl -i -X POST -d '{ "title": "Third Article Title", "content": "Your article content goes here.", "stat
us": "draft" }' -H 'Content-Type: application/json' -H "Authorization: Basic <base64encoded adminuser:password>." https://domain.com/wp-json/wp/v2/posts/
{"code":"incorrect_password","message":"<strong>Error:<\/strong> The password you entered for the username <strong>adminuser<\/strong> is incorrect.,}

Again, the user/application password did not change, so I’m sure they are correct. Server settings also did not change, meaning server side is capable to accept authorization header both in base64 and not.

I’m investigating further, trying to find any information if any specific headers should be added to php/nginx configs.

If you have any further suggestions/advice I’d be grateful for any help.