rest_authorization_required_code() WordPress Function

The rest_authorization_required_code() function is used to require authentication for all REST API requests. This function is used to ensure that only authorized users can access the API.

rest_authorization_required_code() #

Returns a contextual HTTP error code for authorization failure.

Contents

Return

(int) 401 if the user is not logged in, 403 if the user is logged in.

Top ↑

Source

File: wp-includes/rest-api.php

function rest_authorization_required_code() {
	return is_user_logged_in() ? 403 : 401;
}

Expand full source codeCollapse full source codeView on TracView on GitHub

Top ↑

Top ↑

Used By

Used By
Used ByDescription
wp-includes/rest-api/endpoints/class-wp-rest-block-patterns-controller.php:WP_REST_Block_Patterns_Controller::get_items_permissions_check()

Checks whether a given request has permission to read block patterns.

wp-includes/rest-api/endpoints/class-wp-rest-global-styles-controller.php:WP_REST_Global_Styles_Controller::get_theme_items_permissions_check()

Checks if a given request has access to read a single theme global styles config.

wp-includes/rest-api/endpoints/class-wp-rest-block-pattern-categories-controller.php:WP_REST_Block_Pattern_Categories_Controller::get_items_permissions_check()

Checks whether a given request has permission to read block patterns.

wp-includes/rest-api/endpoints/class-wp-rest-menu-items-controller.php:WP_REST_Menu_Items_Controller::check_has_read_only_access()

Checks whether the current user has read permission for the endpoint.

wp-includes/rest-api/endpoints/class-wp-rest-global-styles-controller.php:WP_REST_Global_Styles_Controller::get_theme_item_permissions_check()

Checks if a given request has access to read a single theme global styles config.

wp-includes/rest-api/endpoints/class-wp-rest-global-styles-controller.php:WP_REST_Global_Styles_Controller::get_item_permissions_check()

Checks if a given request has access to read a single global style.

wp-includes/rest-api/endpoints/class-wp-rest-global-styles-controller.php:WP_REST_Global_Styles_Controller::update_item_permissions_check()

Checks if a given request has access to write a single global styles config.

wp-includes/rest-api/endpoints/class-wp-rest-url-details-controller.php:WP_REST_URL_Details_Controller::permissions_check()

Checks whether a given request has permission to read remote URLs.

wp-includes/rest-api/endpoints/class-wp-rest-menus-controller.php:WP_REST_Menus_Controller::check_has_read_only_access()

Checks whether the current user has read permission for the endpoint.

wp-includes/rest-api/endpoints/class-wp-rest-menu-locations-controller.php:WP_REST_Menu_Locations_Controller::get_items_permissions_check()

Checks whether a given request has permission to read menu locations.

wp-includes/rest-api/endpoints/class-wp-rest-menu-locations-controller.php:WP_REST_Menu_Locations_Controller::get_item_permissions_check()

Checks if a given request has access to read a menu location.

wp-includes/rest-api/endpoints/class-wp-rest-edit-site-export-controller.php:WP_REST_Edit_Site_Export_Controller::permissions_check()

Checks whether a given request has permission to export.

wp-includes/rest-api/endpoints/class-wp-rest-widgets-controller.php:WP_REST_Widgets_Controller::permissions_check()

Performs a permissions check for managing widgets.

wp-includes/rest-api/endpoints/class-wp-rest-sidebars-controller.php:WP_REST_Sidebars_Controller::do_permissions_check()

Checks if the user has permissions to make the request.

wp-includes/rest-api/endpoints/class-wp-rest-templates-controller.php:WP_REST_Templates_Controller::permissions_check()

Checks if the user has permissions to make the request.

wp-includes/rest-api/endpoints/class-wp-rest-pattern-directory-controller.php:WP_REST_Pattern_Directory_Controller::get_items_permissions_check()

Checks whether a given request has permission to view the local block pattern directory.

wp-includes/rest-api/endpoints/class-wp-rest-widget-types-controller.php:WP_REST_Widget_Types_Controller::check_read_permission()

Checks whether the user can read widget types.

wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php:WP_REST_Application_Passwords_Controller::get_current_item_permissions_check()

Checks if a given request has access to get the currently used application password for a user.

wp-includes/rest-api/endpoints/class-wp-rest-themes-controller.php:WP_REST_Themes_Controller::get_item_permissions_check()

Checks if a given request has access to read the theme.

wp-includes/rest-api/endpoints/class-wp-rest-themes-controller.php:WP_REST_Themes_Controller::check_read_active_theme_permission()

Checks if a theme can be read.

wp-includes/rest-api/class-wp-rest-server.php:WP_REST_Server::respond_to_request()

Dispatches the request to the callback handler.

wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php:WP_REST_Application_Passwords_Controller::do_permissions_check()

Performs a permissions check for the request.

wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php:WP_REST_Application_Passwords_Controller::get_items_permissions_check()

Checks if a given request has access to get application passwords.

wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php:WP_REST_Application_Passwords_Controller::get_item_permissions_check()

Checks if a given request has access to get a specific application password.

wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php:WP_REST_Application_Passwords_Controller::create_item_permissions_check()

Checks if a given request has access to create application passwords.

wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php:WP_REST_Application_Passwords_Controller::update_item_permissions_check()

Checks if a given request has access to update application passwords.

wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php:WP_REST_Application_Passwords_Controller::delete_items_permissions_check()

Checks if a given request has access to delete all application passwords for a user.

wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php:WP_REST_Application_Passwords_Controller::delete_item_permissions_check()

Checks if a given request has access to delete a specific application password for a user.

wp-includes/rest-api/endpoints/class-wp-rest-block-directory-controller.php:WP_REST_Block_Directory_Controller::get_items_permissions_check()

Checks whether a given request has permission to install and activate plugins.

wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php:WP_REST_Plugins_Controller::plugin_status_permission_check()

Handle updating a plugin’s status.

wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php:WP_REST_Plugins_Controller::get_item_permissions_check()

Checks if a given request has access to get a specific plugin.

wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php:WP_REST_Plugins_Controller::check_read_permission()

Checks if the given plugin can be viewed by the current user.

wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php:WP_REST_Plugins_Controller::create_item_permissions_check()

Checks if a given request has access to upload plugins.

wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php:WP_REST_Plugins_Controller::update_item_permissions_check()

Checks if a given request has access to update a specific plugin.

wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php:WP_REST_Plugins_Controller::delete_item_permissions_check()

Checks if a given request has access to delete a specific plugin.

wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php:WP_REST_Plugins_Controller::get_items_permissions_check()

Checks if a given request has access to get plugins.

wp-includes/rest-api/endpoints/class-wp-rest-block-types-controller.php:WP_REST_Block_Types_Controller::check_read_permission()

Checks whether a given block type should be visible.

wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php:WP_REST_Attachments_Controller::edit_media_item_permissions_check()

Checks if a given request has access to editing media.

wp-includes/rest-api/endpoints/class-wp-rest-themes-controller.php:WP_REST_Themes_Controller::get_items_permissions_check()

Checks if a given request has access to read the theme.

wp-includes/rest-api/endpoints/class-wp-rest-autosaves-controller.php:WP_REST_Autosaves_Controller::get_items_permissions_check()

Checks if a given request has access to get autosaves.

wp-includes/rest-api/endpoints/class-wp-rest-block-renderer-controller.php:WP_REST_Block_Renderer_Controller::get_item_permissions_check()

Checks if a given request has access to read blocks.

wp-includes/class-wp-oembed-controller.php:WP_oEmbed_Controller::get_proxy_item_permissions_check()

Checks if current user can make a proxy oEmbed request.

wp-includes/rest-api/fields/class-wp-rest-meta-fields.php:WP_REST_Meta_Fields::delete_meta_value()

Deletes a meta value for an object.

wp-includes/rest-api/fields/class-wp-rest-meta-fields.php:WP_REST_Meta_Fields::update_multi_meta_value()

Updates multiple meta values for an object.

wp-includes/rest-api/fields/class-wp-rest-meta-fields.php:WP_REST_Meta_Fields::update_meta_value()

Updates a meta value for an object.

wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php:WP_REST_Users_Controller::check_role_update()

Determines if the current user is allowed to make the desired roles change.

wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php:WP_REST_Users_Controller::delete_item_permissions_check()

Checks if a given request has access delete a user.

wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php:WP_REST_Users_Controller::create_item_permissions_check()

Checks if a given request has access create users.

wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php:WP_REST_Users_Controller::update_item_permissions_check()

Checks if a given request has access to update a user.

wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php:WP_REST_Users_Controller::get_items_permissions_check()

Permissions check for getting all users.

wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php:WP_REST_Users_Controller::get_item_permissions_check()

Checks if a given request has access to read a user.

wp-includes/rest-api/endpoints/class-wp-rest-revisions-controller.php:WP_REST_Revisions_Controller::delete_item_permissions_check()

Checks if a given request has access to delete a revision.

wp-includes/rest-api/endpoints/class-wp-rest-revisions-controller.php:WP_REST_Revisions_Controller::get_items_permissions_check()

Checks if a given request has access to get revisions.

wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php:WP_REST_Attachments_Controller::create_item_permissions_check()

Checks if a given request has access to create an attachment.

wp-includes/rest-api/endpoints/class-wp-rest-post-statuses-controller.php:WP_REST_Post_Statuses_Controller::get_item_permissions_check()

Checks if a given request has access to read a post status.

wp-includes/rest-api/endpoints/class-wp-rest-post-statuses-controller.php:WP_REST_Post_Statuses_Controller::get_items_permissions_check()

Checks whether a given request has permission to read post statuses.

wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php:WP_REST_Terms_Controller::create_item_permissions_check()

Checks if a request has access to create a term.

wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php:WP_REST_Terms_Controller::update_item_permissions_check()

Checks if a request has access to update the specified term.

wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php:WP_REST_Terms_Controller::delete_item_permissions_check()

Checks if a request has access to delete the specified term.

wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php:WP_REST_Terms_Controller::get_items_permissions_check()

Checks if a request has access to read terms in the specified taxonomy.

wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php:WP_REST_Terms_Controller::get_item_permissions_check()

Checks if a request has access to read or edit the specified term.

wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php:WP_REST_Posts_Controller::sanitize_post_statuses()

Sanitizes and validates the list of post statuses, including whether the user can query private statuses.

wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php:WP_REST_Posts_Controller::handle_status_param()

Determines validity and normalizes the given status parameter.

wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php:WP_REST_Posts_Controller::update_item_permissions_check()

Checks if a given request has access to update a post.

wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php:WP_REST_Posts_Controller::delete_item_permissions_check()

Checks if a given request has access to delete a post.

wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php:WP_REST_Posts_Controller::delete_item()

Deletes a single post.

wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php:WP_REST_Posts_Controller::get_item_permissions_check()

Checks if a given request has access to read a post.

wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php:WP_REST_Posts_Controller::create_item_permissions_check()

Checks if a given request has access to create a post.

wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php:WP_REST_Posts_Controller::get_items_permissions_check()

Checks if a given request has access to read posts.

wp-includes/rest-api/endpoints/class-wp-rest-taxonomies-controller.php:WP_REST_Taxonomies_Controller::get_item_permissions_check()

Checks if a given request has access to a taxonomy.

wp-includes/rest-api/endpoints/class-wp-rest-taxonomies-controller.php:WP_REST_Taxonomies_Controller::get_items_permissions_check()

Checks whether a given request has permission to read taxonomies.

wp-includes/rest-api/endpoints/class-wp-rest-post-types-controller.php:WP_REST_Post_Types_Controller::get_items_permissions_check()

Checks whether a given request has permission to read types.

wp-includes/rest-api/endpoints/class-wp-rest-post-types-controller.php:WP_REST_Post_Types_Controller::get_item()

Retrieves a specific post type.

wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php:WP_REST_Comments_Controller::update_item_permissions_check()

Checks if a given REST request has access to update a comment.

wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php:WP_REST_Comments_Controller::delete_item_permissions_check()

Checks if a given request has access to delete a comment.

wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php:WP_REST_Comments_Controller::get_item_permissions_check()

Checks if a given request has access to read the comment.

wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php:WP_REST_Comments_Controller::create_item_permissions_check()

Checks if a given request has access to create a comment.

wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php:WP_REST_Comments_Controller::get_items_permissions_check()

Checks if a given request has access to read comments.

Show 73 more used byHide more used by

Top ↑

Changelog

Changelog
VersionDescription
4.7.0Introduced.
Download the latest version of WordPress from https://wordpress.org/

The content displayed on this page has been created in part by processing WordPress source code files which are made available under the GPLv2 (or a later version) license by theĀ Free Software Foundation. In addition to this, the content includes user-written examples and information. All material is subject to review and curation by the WPPaste.com community.

Show More