Skip to main content
Help Center
The GoDaddy Community will undergo maintenance starting on Wednesday, July 28th at 3pm PST / 6pm EST. Learn more
  • GoDaddy Community
  • Building & Managing Client Sites
  • Building & Managing Client Sites

    Showing results for 
    Show  only  | Search instead for 
    Did you mean: 
    Getting Started

    REST API Error 401 Vend integration

    Rest API Problem

    So I switched to a Managed WordPress Host, the speeds were incredibly better for my website. I have an integration with Vend Point of Sale which relies on the Rest API. I am currently getting an error 401 when my Vend API attempts to connect. I have a cPanel plan with the same host not causing this issue. I have spoken to GoDaddy, they have told me the Rest API does not function correctly on Manage WP. I have attempted to include various fixes into the Htaccess file but none have worked. I have shut down all firewalls, and caches but it didn't work Does anyone have a working solution for this error? Or do I need to abandon Managed WordPress?


    Redacted log file below:

    ID 1298987513125470208
    GroupingID api-cf5feb38b386b18bbfb9c***
    URL https://www.***.com/wp-json/wc/v2/system_status
    RequestMethod GET
    Request GET /wp-json/wc/v2/system_status HTTP/1.1
    Host: www.***.com
    User-Agent: vend/integrations/b48e6a5/go1.13.15
    Authorization: [REDACTED]
    Content-Type: application/json
    Accept-Encoding: gzip

    StatusCode 401
    Response HTTP/2.0 401 Unauthorized
    Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
    Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
    Age: 0
    Alt-Svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
    Cf-Cache-Status: DYNAMIC
    Cf-Ray: 5c9667ad9df013be-SEA
    Cf-Request-Id: 04d1df207c000013bef1815200000001
    Content-Security-Policy: upgrade-insecure-requests
    Content-Type: application/json; charset=UTF-8
    Date: Thu, 27 Aug 2020 14:15:31 GMT
    Expect-Ct: max-age=604800, report-uri=""
    Server: cloudflare
    Set-Cookie: __cfduid=dd35ed18884255c50db9db6a5ba7ffb971598537730; expires=Sat, 26-Sep-20 14:15:30 GMT; path=/; domain=.***.com; HttpOnly; SameSite=Lax
    Strict-Transport-Security: max-age=300
    Strict-Transport-Security: max-age=31536000; includeSubDomains
    Vary: Origin,Accept-Encoding, User-Agent
    X-Backend: all_requests
    X-Cache: uncached
    X-Cache-Hit: MISS
    X-Cacheable: YES:Forced
    X-Content-Type-Options: nosniff
    X-Content-Type-Options: nosniff
    X-Robots-Tag: noindex
    X-Xss-Protection: 1; mode=block

    {"code":"woocommerce_rest_cannot_view","message":"Sorry, you cannot list resources.","data":{"status":401}}

    2 REPLIES 2

    Hello @ParleG and thank you for being a part of the Community!


    I am sorry you are experiencing this issue, I want to help as best as I can. I am not too familiar with Vend and researched Vend along with the error code. I have a few questions to ask based off of the research completed:

    • Are you using Vend with WooCommerce integration? 
    • Did you purchase the eCommerce Managed WordPress?

    The error code came up in a WordPress Support Post and the 401 error means the credentials are incorrect and the wrong API keys are being used. (Source: WordPress Support) I also noticed in the code provided, you are using Cloudflare. After moving your site over to Managed WordPress, did you reconfigure the CloudFlare plugin? I am not an expert at using CloudFlare but this might be the cause of the 401 error.


    I hope this helps with troubleshooting the issue 😃.

    GoDaddy Support is available 24/7!

    Getting Started

    Hi I found a resolution to the issue here:


    The only problem I am having now is that the modifications I am making to the htaccess file are being removed automatically, so it keep breaking the connection to the API. How can I make it permnant?

    Modified code is in red:


    # BEGIN WordPress
    # The directives (lines) between "BEGIN WordPress" and "END WordPress" are
    # dynamically generated, and should only be modified via WordPress filters.
    # Any changes to the directives between these markers will be overwritten.
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]

    # END WordPress