Hi,

I'm trying to register a user with authenticated role and active status but I get 403 Forbidden.

This is what I've done so far:

Drupal 8.3

Rest Services module - enabled

Rest UI module installed and enabled

Permission for RESTful Web Services:

`Access POST on User registration resource` - Checked for all roles

In configuration => REST, enable resource "user" for POST with hal+json, and the authentication to cookies (I'm forced to check something)

Here is my Query:

POST your.drupal.website/user/register

Headers:

Content-Type: application/hal+json
Accept: application/hal+json

Body:

{
"_links": {
"type": {
"href": "http://your.drupal.website/rest/type/user/user"
}
},
"name":[{"value":"test"}],
"mail":[{"value":"test@test.co.uk"}],
"roles":[{"target_id":"authenticated"}],
"status": [{"value": "1"}],
"pass":"testpassword"
}

Any help will keep my hair at its original colour ;)

Comments

slewazimuth’s picture

POST, PATCH, and DELETE operations are not setup in REST to function without X-CSRF-TOKEN. However, making that change by itself will not fix your issue. I grabbed a copy of the resource from drupal-8.3.x-dev last summer and altered it to work in custom module for drupal-8.2.x sites. Drupal-8.3.0 is not formally due to be released until spring of 2017.

canadianMan’s picture

Hi slewazimuth,

You could share the module? please.

:)