API save null data after authentication plugin implement


Cake Version: 4.4.4
Plugin: Authnentication 2.9.0

I’ve created an application using CakePHP and this application have authentication using CakePHP Authentication Plugin. In the application, I’ve table name ‘requests’. This request table will receive JSON data through API. The request table does not need to be protected using Authentication. So, in the RequestController API, i have stated the allowUnauthenticated as shown below:

public function beforeFilter(\Cake\Event\EventInterface $event)

 public function add()
	$this->autoRender = false;
	$request = $this->Requests->newEmptyEntity();
	$subscription_no = $this->request->getData('subscription_no');
	if ($this->request->is('post')) {
		$subscription = $this->Requests->patchEntity($request, $this->request->getData());
		if ($this->Requests->save($request)) {
			$this->Flash->success(__('The request has been saved.'));

			return $this->redirect(['action' => 'index']);
		$this->Flash->error(__('The request could not be saved. Please, try again.'));
	$this->viewBuilder()->setOption('serialize', ['request']);

The routes as follows:

$routes->prefix('Api', function (RouteBuilder $builder) {
	$builder->setExtensions(['json', 'xml']);
	$builder->connect('/add', ['controller' => 'Requests', 'action' => 'add']);
	$builder->connect('/index', ['controller' => 'Requests', 'action' => 'index']);
	$builder->connect('/edit/{id}', ['controller' => 'Requests', 'action' => 'edit'])->setPass(['id']);
	$builder->connect('/delete/{id}', ['controller' => 'Requests', 'action' => 'delete'])->setPass(['id']);

When JSON data is post using postman, the submitted data is null. However, when i try to remove the Authentication, the submitted data are captured and stored appropriately in the database. From this testing, it may have some issues related to the Authentication but i dont have any idea on how to solve this.

Any help would be very appreciated. Thanks in advance.

Are you sure you added

->add(new AuthenticationMiddleware($this));


->add(new BodyParserMiddleware())

inside your middleware queue present in your src/Application.php

As stated in Quick Start - 2.x it is very important at which position you put the authentication middleware.

1 Like

Problem solved. Thank you sir. Really appreciate your reply and help.