Andrew Fletcher published: 3 February 2021 1 minute read
If you are receiving the following 403 errors:
- "message": "The used authentication method is not allowed on this route."
- "message": "This route can only be accessed by anonymous users."
Then keep reading for how to resolve them.
Attempting to log in to a Drupal site using REST API and I had to battle a few head winds along the way. What is worse, they were self imposed!
Attempting to authenticate
I was initially using the following to login in a user
method: post
url: https://example.com/user/login?_format=hal_json
headers:
Accept: application/hal+json Authorization: basic X-CSRF-Token: {string} Content-Type: application/hal+json
body:
{ "name": "sarah", "pass": "sa!ah" }
Output:
Response: 403
"message": "The used authentication method is not allowed on this route."
Solution: If you are receiving this error, the issue you have is related to the headers. Deactivate them.
Other responses
Response: 403
"message": "This route can only be accessed by anonymous users."
Solution: You have already logged in this user. Log them out first, before attempting the login process again.
Related articles
Andrew Fletcher
•
09 Jun 2022
How to use the Poll module and passing via RESTful API
Using the Drupal Poll module and passing via RESTful API - How do you get it working?
The initial set-up
POST: {domain}/mhc_custom/poll?_format=json
Content-type: application/json
Accept: application/json
{
"choice": "1"
}
If you run the above...
Andrew Fletcher
•
09 Jun 2022
Recently viewed pages
This code is from Drupal 9 back-end for a React front-end via REST API.
Working through the output for recently viewed pages... the code structure:
<?php
namespace Drupal\custom\Plugin\GetData\paragraph;
use Drupal\custom\Plugin\GetData\ContentBase;
use...
Andrew Fletcher
•
07 Jun 2022
User options - login, logout and user details
For an introduction into setting up RESTful hal+json refer to the set-up documentation. Also see the Query - user screen.
Login a member
POST: {domain}/user/login?_format=hal_json
Content-type: application/hal_json
Accept: application/hal+json
{
"name":...