I would like to change the permission settings for the anonymous role (Guest), so that without any authentication I can see all products.
http://magento.dev/rest/V1/products
I understand, that I can edit:
/magento/vendor/magento/module-catalog/etc/webapi.xml
to allow for anonymous access, but that seems hackish.
When I try this endpoint:
http://magento.dev/rest/V1/products
I get the following result:
{
"message": "Consumer is not authorized to access %resources",
"parameters": {
"resources": "Magento_Catalog::products"
}
}
I am new to Magento, so maybe this approach to the REST api is wrong and there is another way to retrieve list of products in JSON format without elevated permissions.
Thanks in advance.
In Magento 2.1. anonymous access to many endpoints has been restricted. You can disable this restriction, according to the documentation:
To disable this feature, log in to the Admin panel and navigate to Stores > Configuration > Services > Magento Web API > Web API Security. Then select Yes from the Allow Anonymous Guest Access menu.