You Don’t Have Permission To Do This

When a request is sent to your WordPress REST API AI Engine, get the X-WP-Nonce of the request and use the wp_verify_nonce WordPress function to authenticate the request. If the response is unauthorized (401), it means that the NONCE wasn't valid. This could be due to how you are dealing with cookies/cache. You can try to disable your other plugin and ensure no process is running without you knowing that could affect this behavior.

If you need further assistance, your hosting provider's support might be more inclined to help understand why your NONCE value wouldn't be valid.


You can use the mwai_rest_authorized filter to bypass the NONCE check. It's live since 2.2.1, worth playing with for those having issues (even though you would definitely prefer to fix the cache issue rather than overriding this).

Did this answer your question?