API Connector / Call and articles fetch from another website

Hello all,

Trying to get / fetch articles from another website via API Call (Connector).

Shall username and password be “under” the HTTP Basic Auth, or for Authentication to be “None or Self handled” and for username and password to be as Parameters?

Once call is initialized, it shows an error:

Snimka zaslona 2026-03-18 1520581187×711 42.4 KB

I’ve tried if username and password works via: https://WEBSITE-DOMAIN/wp-json/wc/v3/products?consumer_key=XXX&consumer_secret=XXX and it works, it gets some data on front end.

It has been shared: username, password and URL, and following documentation: WooCommerce REST API Documentation - WP REST API v3

This is not a basic auth.

this is a key (consumer_secret) in url and you will need to add a shared parameters (consumer_key)

However, the doc say you can use the basic auth

Did you just put your consumer key and sercret in each field? (without the key name)? Also, in some case, you may need to use key in header instead with Authorization: Basic XXXXXXXX
Where the XXXX are base64 encoding of consumerkey:consumersecret (including : )

Yes, there are values of “Consumer key” and “Consumer secret” and then “URL”.
or
Do you mean how “key” is the “consumer_secret”, or what do you mean by “key (consumer_secret) in url”? And then do add only Shared parameters as following setup is:

Snimka zaslona 2026-03-18 1533331171×632 43.4 KB

Oh, your second reply, has few vague informations for me (: While I’ve added consumer key and secret in parameter now, in each field. Can’t understand the “Basic XXXXXXXX
Where the XXXX are base64 encoding of consumerkey:consumersecret (including : )”

Thanks @Jici

Your last screenshot should work I guess? (you should use the top part with shared headers instead).

You can go there

put your consumer_key:consumer_secret

and base64 encode them

After, you can set Auth in header. The header key will be Authorization

the value will be: Basic [base64encodedkey]

This is often accepted by Server for basic auth.

Another way to set basic auth is to include it in url like this:

https://consumer_key:consumer_secret@restofurl.com…

Following (default) settings at https://www.base64encode.org/ are good?

Snimka zaslona 2026-03-18 160213782×302 14 KB

Sharing whole API Call for better context, with question; what “Header” base64 shall be added, 1 or 2 (on screenshot)?

Snimka zaslona 2026-03-18 155609938×732 46.7 KB

On another hand; Option: https://consumer_key:consumer_secret@restofurl.com… seems to not work, I’ve tried with such URL, with and without the parameters (keys); without success.

This

screenshot-bubble-io-2026-03-18-11-06-37920×301 14.6 KB

or this:

screenshot-bubble-io-2026-03-18-11-07-51905×390 17.9 KB

The last one have more chance to work according to doc.

And remove any reference in API Call itself to consumer key and secret.

Also, if the header option work, this is what you should keep because this is more secure.

Still after the “initialization call” it shows an error: “There was an issue setting up your call.

Raw response for the API
Status code 403

Here is whole setup:

Snimka zaslona 2026-03-18 161449881×726 24.1 KB

403 error (forbidden) is not the same as a 401 error (unauthorized).

Can you provide the whole error response?

Also, if https://WEBSITE-DOMAIN/wp-json/wc/v3/products?consumer_key=XXX&consumer_secret=XXX work… you can also keep it. This is possible that the server only accept querystring for that.

I did a few search and the Authorization: Basic header should be accepted (and this is the recommend method). If this is not the case, this is because you didn’t base64 encode your consumerkey and secret correctly. It’s hard to know because I don’t see this part of the process in your screenshot…

https://WEBSITE-DOMAIN/wp-json/wc/v3/products?consumer_key=XXX&consumer_secret=XXX doesn’t work, and I’ve tried to initialize call with and without the parameters:

Snimka zaslona 2026-03-19 073809882×682 20 KB

While testing the keys: https://WEBSITE-DOMAIN/wp-json/wc/v3/products?consumer_key=CK-VALUE&consumer_secret=CS-VALUE, it seems to work as there is 137708 characters in the long “snippet”; that can’t be shared as too long, or if you will it can be shared?

I’ve encoded (base64) CK-VALUE:CS-VALUE, and holding a 116 character-long “key”.

Could you please share where to add the encoded (base64) key, and what other values shall be added to the API settings/call? Thanks