I am using WP REST API Version 2.0-beta7 together with WP OAuth Server version 3.1.91
After authenticating with the User Credentials grant type, a request to /wp-json/wp/v2/users?access_token=[ACCESS_TOKEN] returns data about all users, including their capabilities. This is private data so the access_token obtained during the authenciation flow is valid.
However, using the same access_token and making a request to /wp-json/wp/v2/users/me?access_token=[ACCESS_TOKEN] returns the following response:
{
"code": "rest_user_cannot_view",
"message": "Sorry, you cannot view this user",
"data": {
"status": 403
}
}
I was expecting the be able to see private data about the logged in user.
I am using Postman to create and send the API calls using the steps described in the Using Postman and WP REST API article from the WP OAuth Server knowledge base.
I appreciate suggestions on why the users/me endpoint is returning 403 when /users is returning private data.