I’m currently developing a Plugin in which I’m in need of retrieving information from a third-part plug-in api, to authenticate my users I am using the trying to use the vanilla authentication via cookie as explained in the official documentation but every request is refused with a 403 ‘rest_cookie_invalid_nonce’ code. I cannot understand what I’m doing wrong.

My code:

function makeRequest(){
$url = 'https://xxxxxx.com.br/wp-json/wcfmmp/v1/orders/';
$nonce = wp_create_nonce('wp_rest');
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_HTTPHEADER, array(
  'X-WP-Nonce:'. $nonce,
  'Content-Type: application/json',
));
$result = curl_exec($curl);
if(!$result){die("Connection Failure");}
curl_close($curl);
return $result + var_dump($nonce);

}