The SitePoint PHP blog has posted a tutorial showing you how to „use WordPress without WordPress“ via a basic RESTish API installed via plugin. The article focuses on using the OAuth authentication method to connect a client to the WP instance, linked to a system user via generated tokens.
In this tutorial, we’ll learn how to install and use WP-API with OAuth – a WordPress plugin which uses REST-like API endpoints to allow reading of WP content to unauthenticated users, and writing of WP content to users who authenticate via OAuth (or via Cookies for themes and plugins). Using the plugin isn’t very straightforward, and the prerequisite list is quite long, so this post was written to make it simple and relatively approachable (as long as you’re in control of your own server).
The tutorial walks you through the steps to get a WordPress instance installed (via a git clone) and setting it up to work with Homestead Improved. He then installs the „wp-cli“ tool to get the OAuth1 plugin needed to make things work correctly and how to use it to generate the needed key and secret for the OAuth connection. He then makes a simple script that uses the Guzzle HTTP client and it’s OAuth handling to make the OAuth request for a token, call the callback page and return the bearer token for the remainder of the requests. Finally he creates a simple page that uses this token to submit a new article via the API and views it in the WordPress interface.