www programming

I have installed the wp w3all plugin alongside the WP OAuth Server plugin however WP w3all is interfering with API calls to the "me" API endpoint. I am able to successfully go through the oauth process and swap an auth code for an access token, however when I then make an API call with the Bearer token in the header (e.g. via postman) to the /oauth/me or /wp-json/wp/v2/users/me API endpoints, the response is a 302 and all cookies are expired (suggesting that a logout as occurred). Any idea what might be causing this?

Once I disabled the w3all plugin, the user details API endpoint (i.e. aka /oauth/me or /wp-json/wp/v2/users/me) work fine so I've narrowed it down to this plugin. I'm unsure what settings for w3all would be causing this

WP OAuth Plugin: https://en-gb.wordpress.org/plugins/oauth2-provider.

are you including the custom phpBB config or the root phpBB?
it is possible that if you use the default root phpBB inclusion, it goes to make it fail the other plugin tasks.
Are you using the custom phpBB config.php inclusion? If not can you try it?

Let know, so if it is not the problem asap i will take a look