WooCommerce REST API 401 Error – “Sorry, you cannot list resources
-
Hi,
I’m facing an issue with WooCommerce REST API authentication.
Error
When I try to connect using API credentials, I get:
401 Unauthorized
WooCommerce: “Sorry, you cannot list resources.”Setup
- Generated Consumer Key and Consumer Secret
- Permissions set to Read/Write
- Using external application (n8n) to connect via API
- Store URL is correct
What I’ve already tried
- Regenerated API keys multiple times
- Disabled all plugins one by one (no change)
- Checked user role (Admin)
- Retested multiple times
Issue
Even with correct credentials, the API always returns 401 Unauthorized
-
The most likely culprit for a 401 error when the keys are correct is that your server’s Apache or Nginx configuration is stripping the ‘Authorization’ header before it reaches WordPress. This happens frequently on shared hosting or behind certain firewalls. To fix this, you should try adding a specific ‘Rewrite’ rule to your .htaccess file that explicitly tells the server to pass the Authorization header through to PHP. Additionally, ensure your Permalink settings are set to anything other than ‘Plain,’ as the REST API requires ‘pretty’ permalinks to function. If you are using HTTPS (which is required for the REST API), make sure n8n is hitting the https:// version of your URL, as a redirect from http to https will often drop the authentication headers in transit.
WordPress.com Forums 