In about a month I will have the distinct honor of speaking at my first WordCamp – WordCamp US in Philadelphia! I’m quite excited for the talk and to prepare for it, I will be doing a series of How To posts that will be referenced during the talk.
The title of the talk is Gamification with the WordPress.com API and is focused on interacting with the API using wpcom.js and node. This first post covers how to easily get an OAuth token to work with endpoints that require authentication.
OAuth and the WordPress.com API
In order to perform certain operations with the WordPress.com API, like creating posts, or getting access to any protected information, you must come equipped with an OAuth token.
This process can be lengthy, but fortunately there is a quick example node app that will help expedite this process for you.
node-wpcom-oauth To The Rescue
The fine folks at Automattic have an npm module that handles server-side oauth tasks with the WordPress.com API, and inside the repository there is an app you can use to get a token. So the first step is to download a copy of the https://github.com/Automattic/node-wpcom-oauth repository.
Then if you change directory into /example you will find the app, and a set of instructions on how to use it.
Create an App
In order to use the example application you will first need to create a WordPress.com App. To do so, visit the App Dashboard and click “Create New Application”.
The form to create an App is pretty basic. For the purposes of my talk, and my App, I will likely be the sole user – but if you plan on having a more public-facing application, some greater care/thought might be put into a name and description.
For obtaining the token, you can use the same Redirect URL as seen above “http://localhost:3001/connect/res” though this is also configurable in the example application.
Once you submit the form, you will be redirected to a success screen like so:
Click the name of your App, highlighted in red above to get back to the full detail page for your app, which also has the needed information to complete the OAuth token process.
Client ID and Client Secret
Now on your App’s page you can scroll down to view your OAuth Information. You will need both the Client ID and Client Secret for the next step. These are secrets, treat them as such. Shhhhh:
Configure The Example App
Okay with your newly found secret information in hand, or in your computer’s clipboard, head back to the [code]example[/code] directory in the node-wpcom-oauth project. Inside the folder you should see a file named settings_example.json – go ahead and rename that to settings.json and open the file in your text editor of choice.
Now paste in your freshly minted client id and client secret from your new WordPress.com App, and save the file. Now open up a command/terminal application within that folder and type node index.js. This will startup the example app on port 3001. Now visit http://locahost:3001 to start your token adventure.
Get Yer Token
The first screen will confirm the settings you just created, and then give you a link to “GET THE CODE” – confirm the settings look good then click the link.
Now you will be redirected to WordPress.com where you can select which of your blogs you would like your App to be able to access authenticated as your user account. For my example app, I have created a site called legendeoftimmy.wordpress.com. Click Approve to get the token.
Now you will be redirected back to your localhost app, which will use its secret and the token returned from the WordPress.com side of things to prepare for the final step to actually get the FINAL TOKEN.
Click “LETS GET IT!”. Seriously, last step right there.
You should now have a screen with your bearer token. And now the entire world of the WordPress.com API is ready for your creativity: