Connect to APIs from WordPress the Easy Way



 * Plugin Name: Profile
 * Plugin URI:
 * Description: Shows your Profile.
 * Version: 1.0.0
 * Author: David Perez
 * Author URI:
 * Text Domain: wporg-profile
 * Domain Path: /languages
 * License: GPL-2.0+
 * License URI:
 * @package WordPress
 * @author David Perez
 * @copyright 2023 Closemarketing
 * @license GPL-2.0+
 * @wordpress-plugin
 * Prefix: wporg-profile

defined( 'ABSPATH' ) || die( 'No script kiddies please!' );

define( 'PROFWP_VERSION', '1.0.0' );
define( 'PROFWP_PLUGIN', __FILE__ );
define( 'PROFWP_PLUGIN_URL', plugin_dir_url( __FILE__ ) );
define( 'PROFWP_PLUGIN_PATH', plugin_dir_path( __FILE__ ) );
define( 'PROFWP_API_BASE', '' );

add_action( 'plugins_loaded', 'profwp_plugin_init' );
 * Load localization files
 * @return void
function profwp_plugin_init() {
	load_plugin_textdomain( 'wporg-profile', false, dirname( plugin_basename( __FILE__ ) ) . '/languages' );

add_shortcode( 'wp_profile', 'show_widget_profile' );

function show_widget_profile( $atts ) {

	$atts = shortcode_atts(
			'user' => 'davidperez',

	$response = wp_remote_get( PROFWP_API_BASE . $atts['user'] . '/' );
	$html = '';
	if ( isset( $response['response']]['code'] ) && 200 === $response['response']]['code'] ) {
		$body = wp_remote_retrieve_body( $response );
		$profile = json_decode( $body, true );

		$html .= '<style>
			.wporg-profile {
				display: flex;
				flex-direction: column;
				align-items: center;
				max-width: 300px;
		$html .= '<div class="wporg-profile">';
		if ( ! empty( $profile['avatar_urls'] ) && isset( $profile['avatar_urls']['96'] ) && isset( $profile['name'] ) ) {
			$html .= '<div class="wporg-profile-avatar">';
			$html .= '<img src="' . esc_url( $profile['avatar_urls']]['96'] ) . '" alt="' . esc_html( $profile['name'] ) . '">';
			$html .= '</div>';
		if ( ! empty( $profile['name'] ) ) {
			$html .= '<div class="wporg-profile-name">';
			$html .= '<a href="' . esc_url( $profile['link'] ) . '">' . esc_html( $profile['name'] ) . '</a>';
			$html .= '</div>';

		if ( ! empty( $profile['description'] ) ) {
			$html .= '<div class="wporg-profile-description">';
			$html .= '<p>' . esc_html( $profile['description'] ) . '</p>';
			$html .= '</div>';
		$html .= '</div>';

		return $html;

	return $html;


Video transcript

Good morning, this is David Perez, just so you know us.

He comes from the community of Granada and basically he’s a crack, I mean, there’s no need to introduce him or say anything else, it’s just that.

He is a crack, a round of applause, isn’t it?

(Applause) Well, we are going to start a workshop.

I want it to be very practical, those of you who know me, I like very practical things, even if they are four little things, and to take advantage, to ask, to stop, to interrupt, everything, so that we can establish a little bit the concepts, which are very simple, and because more and more it is an imperative need to have our WordPress connected to different systems, RPS, CRM, backend, things to advance, I am a clear defender of WordPress, all the web pages I make a WordPress, 100%, but when I have to work with development environments, of administration, of such that yes, truth that I no longer take it to WordPress, because WordPress is not thought either to make, for example, backend of production, I mean for example to manage a workshop or a factory, for all that WordPress is not thought for that, if it is thought to be the visible part of that company that if it needs some information of that application, for that there is the API, which is what we are going to teach Then, each one to his land, Warprey is our best companion for the topic of the police.

Well, I’ll introduce myself very quickly.

I am co-founder of the agency Closemarketing, which also has a technological leg, Closetechnology, where we also send plugins and do a little bit of everything with WordPress.

I’m CTO, so I’m in charge of the technical part of the company and I always try to take my team a little bit ahead to take the new technological challenges, every year there are always new things and well, I’m also very involved as you have in the community I was leader in the World Cup in Granada, I’m organizing the World Cup in Europe is very cool this year in Athens, I encourage you to go from 9 to 13 June and it’s this but multiplied by 10, but any World Cup then last year we already went to Porto and this year we are going to Athens and it is very good and between my time that I have left because I am the director of a sports race that I did for my father I also get there on issues of collaborative and we take funds to give it to a I’m also involved in Mita and I’m also involved in Work and Granada this year so I’m looking forward to October 2nd and 3rd and I’m doing very well there and you can see me on twitter @davisperospcmk now I’m also involved in Mastodon so you have to get involved in everything and well, in my profile and in my personal web page you have everything, ok.

In fact, you can find the layout there, ok.

Well, let’s talk a little bit about what is an API.

What is an API.

An API is a way of connecting, uh.

Well, it’s called.

itself is Application Programming Interface and it is a series of rules and protocols to be able to interact with systems that you don’t know what’s inside.

You do not know how it is done, nor do you care and what you are interested in is to connect, get information, read, write, you can also write, you can update information and from there you use the rule of protocols defined by the system in which you connect.

If we connect, to say something, to a CRM, then I have to see the documentation, see how I can connect, what I can interact and what I can do.

We do that interaction.

Usually, not always, but well, it’s done through structured format.

The best one is JSON.

JSON is a language that is very well structured to variables and it’s very easy to work with in WordPress because we have a function that is “UVP JSON Encode” and when JSON comes to us, we can.

“UVP” that is, JSON Decode there are some functions that you can encode and decode them and there is also XML, which we can already find PIC with XML and when we find XML, we are already saying “wow, I found, this is an older system” PHP does not handle it the same way, more roll.

In the API they usually already work that.

There is a type of authentication, we are reading sensitive data and normally there are several types of authentication.

So ideally it should have authentication.

When it is a public system, that the practice that we are going to do does not need any type of authentication because nothing perfect because directly the url we read the information and we throw miles and of course who has popularized a lot the API because the mobile applications and thanks to the mobile application we find many applications that have API because of course to have the mobile application now no longer because now you can even program the application with the same as the mobile application, well, but usually it is usually different programming, when you make a mobile application, the mobile asks the application “hey, look, give me that I can interact and read with users” then what it usually does, which is the most common, is to make a program an API, give it to the mobile team and mobile interacts with the application, for example, I do not know, a PR, a CRM, have mobile applications today, because all do it through API Other examples of well-known API is WordPress itself, has a lot of APIs and became much more popular with the new editor.

The Gutenberg editor, those who know, the new editor that WordPress has works with React, which is a programming environment and to connect, that is, being even in the same administrator to connect to WordPress and get data from the content of all does it through API then thanks to that because the WordPress API also had to PHP people who are used in more backend because they had to create all the programming to interact the editor with this with the WordPress database When I have many projects with API, the first thing I say to the application to which I want to connect “Please give me documentation, if I can not connect, how can I connect.

what autotics do I have to use.

What data can I read.

what can I write.


And there you find, well, the bigger ones, some send you a PDF, others send you the summary, the summary is very good because it even allows you to interact without having programmed anything with the API itself.

So it is very good because you put the authentication of what the API asks for and you can interact.

So, well, and here I was giving some examples of things that I like.

So for example, Holder, I don’t know if you know it.

Do you know some Holders.

Well, Holder is a very well known RP because.

Oh no, this is my developer’s one.

javascript, perfect, I was missing an “s” and almost all of them, if you notice they are almost the same, I am going to show you two that have nothing to do with each other and you will see that it has developers.

javascript Do you see that they are similar, they are similar, they have more or less the structure and it is that this Postman, that now I will tell you a little bit about the applications to delete the API, they give you the free part for those that we develop and the part of the documentation environment they give it with Postman.

Then there they charge the customers, those who have the API.

So here, for example, with Holders, well here we see all the entities, how we can connect the dedications, like all the entities, you can connect with the contacts, with the products.

It is a PR, you can generate products, warehouses, taxes, treasury accounting, here amounts payments, documents, here with this you can generate an invoice, by API I can generate an invoice in the official PR, I can collect the PDF and send to customers.

According to the application, so here for example it says welcome to the API, I say perfect, let’s go to the next thing, the API, now I am going to tell you a little bit about the types of authentication, this is the URL that you have to work, well this is to get the authentication and from here we start working, Well look if you want to list contacts you have to use the Get method, now I’m going to explain what it is with this URL, even here it comes if you put an API key you can try, even allows you to generate the code, even here you have to get it with PHP, now I will say that this do not use this, let’s use what Warp gives is that it is very good and is much simpler.

Here it tells you to install a library and from that you take a class and make a get method that is no longer needed in Warp, now I will explain why.

Well, we can create a contact, here you can do everything.

Then, the documentation, very important.

Before you can connect it, give me your documentation.

Normally the software, almost all of them have an API, I don’t know if I can think of it, and all of them also have a section for developers.

For example Spotify for example, can I interact with Spotify?

Well yes perfectly if we put Spotify, developer, here it has a developer part, almost always you use developer, developers and here it tells you so that you interact with Spotify.

In general, cloud software systems almost always have APIs.

In fact, when I go to hire a tool of any kind, I tell my clients that if we are going to use it for the web, it must have API, it is the requirement that works for you but it must have API because the API allows you to interact with it, there are software that are old and are not in the cloud or if they are in the cloud and they have not done it, you can find surprises.

There are tools that send me a CSV in an FTP folder, that’s not, that’s a disaster, because you have to read CSV, not always read, a disaster.

So the best thing is to have an API that you can interact with.

When you also have to interact with that system, always ask for documentation, documentation, how can I authenticate, how can they interact.

And once we have that authentication, then we have to do testing before we start programming.

What we have to see is the entity, what kind of information it gives us, how can I process it and all this.

So, there are many API reading clients.

Before I go on a little bit, I want to know a little bit, let’s see who are the developers, have you ever programmed.

Are they all developers.

Not here.

Here more or less.

That’s great.

And do you have the local development pitch.

Do you know how to work with local development.


Well, within the local local, you can install an application called Pongman, I use it, it’s free, you download it, you download it and even if you use Visual Code, the Visual editor, it also has extensions like ResClient, there was another one that was Octopus, there are a lot, so I really think this is Octopus, really use the one you want, which is more comfortable, try it and as they are extensions of VisorCo, for example, you can delete it, well, nothing, no problem.

I started with Pongman and I have already stayed because bring me everything, now you will see my Pongman folder, I have the largest, bring me all that information to reprogram it because simply this integrated theme is not worth it to me.

I work with Pongman, it has a simple interface, here we have what they are like as a folder, here as you see I have here a few integrations done and here I have one that is called WordPress, I can even have another WordPress and I can interact with the same WordPress and here in fact I have made an example where I here I put the URL, now let’s see what the thing means.

And with the authentication, because of course I can’t read products, it depends on how you have WordPress configured, but I’m sending it here and I’m simulating a real time API request and it’s giving me real information.

Here as you can see I have VoIP software, a little bit of everything.

So I can interact and collect this information.

Here, for example, it is giving me a request, I send it products and as I have not specified anything it gives me all the products and here it will take out the largest.

This is also necessary to work the pagination, normally the API does not send you the whole database of the pages so what you do is a recurrent and is doing the pagination.

Here as you see it gives me an ID, the 1904 with a date, here you are already seeing in this interface you are already seeing how it gives you the date and it would already start the manipulation.

The date I like to save it in numerical but if I get it like this, I normally treat it and pass it to SDRTutime I say pass it to me in numerical and I can work with it.

Here it tells you when the modification was made, the SLU, this is an entry of a Clos Technology product.

Here I get even the link, the content, look here is the content inserted, it gives us the rendering, which puts here renderer, and well even escaped, if you see here the quotation marks is called an escaped, that when we decode it, we to work in PHP, the JSON we can not work it because it is a string, then what we do is that this JSON we convert it into an array and already to the array if we can make a recurrent, we are working and we are taking the entities.

But well, you are already seeing here how it is structured and here you are seeing that there are two levels.

I would have to make the array and the std and then from there I would have to take, this would convert it into a double level array, then I take this one and this one to be able to take this information.

So there I’m looking at the levels of the JSON as well.

So the normal thing for when you take an API, first see the documentation, put it in the postman and start looking at the documentation and do a simulation.

You make a request, you put in the authentication and you hit send.

Now we are going to see that there are different requests.

These are the requests that the API can make and here the GET is collect, give me the products that the store has.

So, if I have a mobile application that wants to connect to my store, well, I would make this request to be able to choose the products and show them to the customer.

Obviously, if it is an online store and I have the mobile, maybe I am not interested in taking all the content with the featured image that will be here too, which is sometimes called “featured”, look, “featured media” and gives it to me by ID.

Here, for example, we are seeing that I will have to make a second API request with the ID of the image to be able to take that image, okay, and already taking the image, I think I remember that it gives me the different snippets that I have in WordPress defined, so with those snippets I will take and what I will do in WordPress is that I will make a snippet for the mobile and I will take it by API and I will show it, ok then at the end with podman that I use the one that I interact with I see it I configure it even here it gives you a code ok all the tool comes with the code but I already say that it is not useful in the sense here for example it gives you a cúr and if I put it is that as it never did it now here then I can tell it then give me PHP, PHP concur, look at everything that it sends me.

Well this in WordPress are three lines, if you save all this that is native PHP, that is this works in native PHP but if you send the plugin to WordPress you will see that they do not accept it, you have to use the native requests So, I have documentation, I have the client to interact and collect information, I see how it brings me the information and I work it.

These tools are fundamental to be able to see what the API gives you before you start doing any programming.

Many times they give you a documentation, it is not updated and before you start programming you have to test it.

You try it and say “Oh, well, I didn’t get it. Ok, type of requests that I have in API, then as we have seen they are protocols and now I can make several requests I have five in total but they are not, that is to say, not all the APIs have all, the normal thing is the GET and the POST, the normal ones there are times that only have the get, the get is like the fundamental one but it does not have api because it is the reading and then here we have a series of requests that the names themselves are more or less descriptive get I collect information, I read, then I make get requests to read information as you have seen for a store read the products, the featured images, all the Put requests, what is Put.

It’s update.

If I pick up a .

if I do again the mobile store example of my.

of that mobile app store.

I do a product get and I’ve put an admin here so I can change the product information and I already have an ID, okay.

The Put with an ID usually updates the information.

I change it, so I’m going to change the title, I’m going to save it.

What it does is, it makes a Put request with an ID, normally all that goes in the documentation and I put in the information that I want to update, why do I say that this is not very common?

because normally many times it is done with the post, the post is to send, it is like creating a new contact, for example in the example of the RP I can create a contact with a post but many times also if I give an id in that request it makes as if it was a put, then it already depends on the argumentation because we will find it if it has post and get or it also puts you put, to be more strict it is better to put because this way it is telling you that this is an update, you are forcing it, that is to say that if you do not put an idea in the put it will give you an error, on the other hand if you do not put an idea in the post it will create a new one, a new quantity, whatever, a contact, a product, etcetera.

Then, as I said, it depends on the API, as they have programmed, the more accurate and more such, then you usually put a pure request, to update the contact.

More little things, the POST, because I create contacts, I update, it depends on the API, then the ET, which I use very little, I don’t like to delete data from an external application unless it is necessary for the project because you can have a forage and you make a mistake and start sending it.

Normally the delete if you give it an ID as the put, it deletes the entity that you tell it.

Normally you will have to specify the entity you want to modify, for example a contact and an ID.

Then you tell it those two things and it saves the entity in the application.

And patch is also, depending on the requests, the update.

So we have seen the function, as you can see, which is quite suboptimal.

This one is from a CRM, it’s called Clientify, and here we’re asking for a GET of all this information.

And here I even have the update, just a touch, okay.

Don’t see it because it doesn’t exist, it’s not real. Okay, so I’m doing a GET request of this tap, and then what happens.

I’m going to get a result here, response, and then I can work with it here, okay.

So, okay, here as you can see, it generates this code, podman, rest client or any other, it does not comply with the WordPress Coding Standard, I don’t know if some of you know what the WordPress Coding Standard is, here it says yes, nod, no, yes, yes, okay, WordPress Coding Standard that means, it is a syntax that defines, well, a compendium of rules that very good people have defined and so it tells us to have the same style at the time of programming.


Because for several reasons, for security, for reading the code of a person and that he can read it in a normal way and then all those rules you can install them.

I encourage you to investigate a little bit more in my blog or as I document how I do it and I put it in my blog.

If you look it up on Coding Standard I tell you how I install it on my computer.

I put it in the editor and it tells me as if it were an autograph corrector that you are changing the definitions.

Then I’m defining this and when I put the CUR tells me that no, it is not allowed to use CUR rules to interact with the API from WordPress.

That if you put it and continue forward nothing happens, but if you send that plan that you have made to the repository of WordProficial they will ban you, well they don’t ban you, they answer you, they give you a series of rules that do not define the standard code and makes you have to fix it, then as we have not done things right from the beginning and they saved the work of doing it in a way and then they give it back to you, So we’re going to work with standard code and here you’re going to learn directly, so that’s why I said that when Postman gives me a code I don’t see it, I see the dedication, I see that the API works and I start programming and in a very simple way that I’m going to teach you and then in the exercise we’re going to see it so that you can program it.

We have some functions defined in WordPress, you saw that we had five API type requests but there are no functions for each one of them because I don’t know, the truth is, but we have this next one, we have “wp-remote-request” that you say well, the “request” no, I didn’t say your API request, no, this is the generic one, that within the argument, and I’m going to show you the argument, we can tell it what type of request, if it is “get, put, pull” or “sapatch” or “post” or “delete” or whatever you want, then we put the arguments with which many times with only one is enough, with the “upremoteRequest” then what I do is that I make a function, I call it API and whatever and then in that function inside goes the “upremoteRequest” and in the function I tell it the parameter that I want to use if it is “get”, “spot” and so on.

But there are times in programming, if I just need the “get” because it’s a public app that we can use, vperremote.

I get that the arguments are simpler because it is not necessary to put the method in this one you have to put it, in this one you don’t, because it is already assumed that it is a get and with the get, with the url it brings you the different ones.

It returns the data, the same as the arguments here, we will see how to make the arguments so that the authentication, the header, the body that we have to make requests because there are times when they say look, send me the last modified products, how would I do it?

Well, with the arguments that I send here, reading the argumentation it tells me look look put it in the body and it tells me to modify and a date in this format then I build it I make the web remote request web remote get and I tell it to modify and I put the date then it returns me that is the one that we for example when many times we have online stores we want to synchronize them with a rp system because many times we have to do like a cron then I find applications that don’t have the modifier, that’s a pain in the ass, you have to bring the whole database and go through it again and go through it again, I find it a lot of times and the modifier would be a very simple request to give me the modifier of the last one, what happens is that when the application doesn’t have the modifier, for example jose doesn’t have it, a very well known rp and I have sent him a ticket and I have sent him nothing, he laughs because I have sent ticket in my fucking case and I say look that it is that in fact the product comes to you and in the modifiest it is not right because you make changes in the product in the RP you bring it by the API and let’s see the modifiest of three days ago or then you have nothing to do one thing in another, So it’s a little bit of a disaster, but except for a surprise, normally in the Remote Get it’s Modify, which is great, for example if we wanted to “look, I want to update my online store every hour or every 15 minutes” with the Modify we could do it because you put a variable of 15 minutes, so it brings me the products and if one or two come out, these requests are quite light.

Remote post is the same when I want to send information for the same reason, the url, the argument, etcetera.

And remote GA, I don’t use this one, I normally use this one or one of these two.

For PUT, for patch there is no, I mean there is web remote and so on.

So what do we have to go.

If the API tells me “to update a contact, you have to use the put method”.

Then you have to go here to “remote request” and the argument is to tell it the put method.

Here, well, a lot of theory, but now we go into practice.

What argument I usually use in these arguments.

That is an array, that is asking me for different arguments or I put you come on if you see the documentation it does not tell you much and normally I here I tell you so that it serves you I put you directly the requests that only I use better and in fact I am going to give that it has cost me a work of years of different updates that are asking me for the right array that I use that is to say that having the devices that you are going to have it, you can copy them and if you use a basic authorization a username and password, well I say what I have used the most, you are already testing the one I said, the method, if it is an array, it would be method = arrow then here we can say the type of HTTP request is only used in this function, in Google Play Remote Remember when they ask me for methods such as PUS, DELETE, etc…

Timeout, by default is already the function, if you do not put Timeout you do not get a default, is a 10 seconds or something like that is if the API takes too long to answer or that usually is, response times are also often many times when we ask for a lot of data when the API does not bring me pagination and I say give me all the products, it sends you 10.

I have found APIs with SSL unverified and I have to force it, for Word security, if you do not put anything the API will always take you in secure, obviously we are taking sensitive data traveling over the internet and they have to have SSL but well, you find surprise here, here is with surprise, this you don’t put it and that’s it, it works perfectly but if you find a surprise that you don’t get an answer in the response, it tells you that there are errors because you put SSL Verify and falses and it works and you shake your head because it is working with APIC data without SSL but well, it is not, there is everything and then we have the headers and the body the headers are usually, and now we are going to see several documentations, where the authorizations go, can I find the authorization in the body.

I can find it, but normally they are usually in the header, so if I make a token, normally I ask for an authorization and I make a token, that is the same arrow and token and then the api that gives me the authorization and also I usually force the content type to be JSON, I think you were saying, this is the one that is more or less handled because you bring it, you convert it immediately to an array and the managers manipulate it.

And the body is usually when, as I was saying for example, I want to get the products modified in the last hour.

Normally that type of query that is called, or requests, is usually done in body.

The habitual thing, everything again I say to you, depends on the API.

And type of authentication.

These are the four authentications.

The one that I usually find almost always, in 90% is the APIKey.

It’s, Holder has it, almost all of them do.

So, usually they usually give you a developer section and it says “Look, enter this developer section” and we give you the constant, the key to be able to interact that’s the most common, but well, you can find everything The one that we use for WordPress, if we do something for WordPress that, let’s say, connects to another WordPress, we use the basic I don’t know if you’re going to notice that since, I don’t know, a version, I’m sure you’re going to notice that since, I don’t know, a version, I’m sure you’re going to notice that since.

I don’t know, a version, I’m sure you know it comes out a lot more of the version but from a version they gave an option that within the user you had the user and password had apart another one that is called app password or else you don’t realize and that’s a different password so that you even if you change your password as a user can still interact because the gd app works if you put if you change the password then you can work one of the two and the token beater, this is the basic user and password apiqi, a chorizo that you put string and the token beater is usually that you do a basic, you get back a token quite long and the next expertise you do with this token that usually has an expiration and depends on days or things like that So, what I usually always do, well, when I start the first request, I do a basic and the token look and then the next I do with the token itself, right.

And the OAuth, which is not very common, but this is the one from Google, for example, right.

Which is the typical thing, which takes you to an authorization page, authorizes it and then takes you back to the page again.

So, you have to program, ask the application to generate that consent page, it receives the consent and that consent again gives you back a live tap.

That one you already have to store it in a data base to be able to work with it.

That one I do, but that’s the one I encounter the least.

Unless you interact with Google to do all the services, you have to work with that.

It’s a bit of a pain because you have to have a URL programmed and give it to Google.

I’m doing the Google example.

You have to give it to Google to give you back that application and you save it and you give it back, okay.

and then already on that page which is usually the one of.

everything is correct.

so it’s going to work, okay.

and how do you program that.

in WordPress ok.

Well, in those arguments that I was telling you about within the VPN Remote I usually work this, ok.

So, well, we just work them.

Here I have put the SSL Valify, this is badly done but well I have put it so that it was in example.

And here I’m making a request with an argument, with a header that I’m saying “work me Jason” and this is an application that’s telling you that you have to give it a clean ID, a clean secret, a user and a power.

And the GrandType is Power.

Well, that’s it, that’s how the application is programmed.

Well, that’s it, I log in. Then they usually give me this, for example, the application, which now I remember a little bit what it was They gave me this, which I entered it in a constant Or I saved it based on everything, such, this if it was fixed And this the user and password I entered it for.

The user had to give it to me Then, because here in these things what we usually do is a page of settings And in that page of settings we make two users, put here your user and password to be able to connect your application then for that reason it saves it in data base, it makes a getOption and cutting I was very fast and I do not know if I make a getOption and I pick up the user password that I saved in data base and here I am saying I did not use SSL, this is very bad, but in this application I needed and a timeout of 50 times or a second you are testing because as the requests themselves when you make them you are giving you the answers because you are seeing if it has errors if it does not have errors, it takes a lot, it takes a little, because there you are testing.

Another type is the one I use to connect to WordPress, this argument I make a header and I say Authorization Basic and encode in base64 with the user password user, colon, password.

With this you can connect to another WordPress and now let’s see the rest of the code.

I have as you remember a URL and some arguments and there I have my request for arguments.

When it gives me an API key, these are the arguments.

I make here the header, I tell it the turization, I put a touch in space and the api here, this text that is the big text that you have seen, I put it and I put a timeout because the one that is defined by the function is very short, so I put 20 seconds and here with this I am already identifying with other WordPress and for example some project has been “I have a WordPress to sell and I want to connect it with another WordPress that is an online store, or an online academy, so I do it when the sale is made and there I launch a remote vp in a post and send it to the information, then for wanting the user and what I do etcetera, and the token is a little more puñetero, but well neither in the end is to ask a basic that this, this is part of a complete function then I there to not repeat myself the directive drive that I try to take it a lot that is “don’t repeat yourself” if you do not repeat yourself continuously I have an API function then if I do not send the credentials of the token, if they are not empty then if they are not empty then use the token that you have stored in the credentials and it makes me an authorization of type vira and if it is not there it makes me the one.

That’s why I have to do that function or I have results sometimes when it is a request for example of the ex product for example I have to tell him then look we take the password user, here it makes me a terenario of the beliefs of use in NAMI and give me the empty one and I encode this in the body.

This API asked me to code it in a body.

Well nothing, I code it and send it and then it returns me a VIRS and this VIRS I use it again.

I repeat and I tell you more times, this is a way to have everything grouped in a single request and what I do is to execute the function twice.

Do not worry that now we are going to see it in practice and what happens one thing that happens imagine that we have a footer and we have it occurs to me for example now for example there is if for example that the server is green or not there is a pipe that then you can say hey this is the green video then you give it domain and it tells you there is an API for that imagine that I have it in the footer then every time a user if it is not cached, every time a user sees that page is making a request to the API, API requests are usually slow, they are not usually fast, there are some faster, some slower, then the requests, notice that I am making the user to make an API request continuously on the one hand the API will tell me “you are making many requests per second, I will block you” there are APIs that, there is even an API that is very funny, that when you make requests, I do not know, there were 20 or so, from that 20 they block you for 2 or 3 minutes.

If you are reading products, you have to check that this API has not blocked you by time if you have blocked the time you have to say “wait” then you can do if you have it right on the frontend that is very slow on the page and you are asking too many times the same information that you already have it stored then how do you do this.

Well, there is a very good invention of Warp called Transient, what does Transient mean?

It is a way of caching information with an expiration date. I tell it to save me for example let’s go to another example the products save me the last modified products and if I want to show it later in the frontend several times then I would work with the transing and I would save the arrays of the ids or even the information that I want the image and so on then I tell the transing to save it and for three hours or four hours now in the next one the Transient code comes out, then I am going to teach not only to ask for requests to the API but to save it and to cache it and to show it to the user when I want then, how do you usually make an API request.

I make my function, the arguments already I have given them to you, with a URL API and I make an.

I use vprimotget, here for example I have made the request with get, I tell it to take me, that is to say what it returns me that is a response, to take me the body, because if you do a printr to the response, you get the headers, raw bodies, everything, then it has a warp function, it is called “wpRemoteUtilityBody” and it returns me another one, a response body and I can decode this body because it is a JSON, that is with the JSON decode and from there I can see that I usually get a response from the code, it says “look, the HTP 200 request” and I return you the information and here you have it and it gives you an array.

Then from this third function I can work with the information that the API has given me.

Now we are going to see a little bit in real time and since it brings the laptops we are going to see a little bit how it is done, okay, with these three functions we return already the body response, this one I would already begin to work it, then what I usually do, I make a function that connects with my API, I make the arguments, I make these three functions and from here the returns are return me an error or return me an ok with all the data that I needed and here I was teaching the transient that we’re also going to see what it does, and we also use it in the profile, because now we’re going to make a plugin that’s going to make requests to WordPress.

org and it’s going to send us our user’s profile information.

So, if I put it in my web page, what the example said again, I put it in my footer, well, I’m going to start making requests to WordPress.

org and there will come a time, most of the time what APIs do is they block you, they have a series of requests, so if you make a lot of simultaneous requests.

So what you do is caching, I make a request every three hours.

This is what it does, I will explain.

Get Transient with a key that you can make the one you want, the syntax is the one you want that you know.

Don’t just use a prefix, the type of query and the type of information.

With those three, so I can remember.

But here you can put Manolo, Pepito or whatever you want, it doesn’t matter then this returns either the information or a false, so if it is false in this line I would do the vprimodget, vprimodget, because we are reading and I would put it in this variable and I would save it with this key, with this information and for a time there are some constants in wordpress that takes away saying hours in seconds by three, so you can put here the second.

So what does the transit do in practice.

It is I read the information of this variable, you return it to me, what have the three hours passed.

It makes API request.

Then, the first one that has passed the three hours makes the real request of API and all the rest of the people comes out where it comes out with the with your own cachéos with which you are working with your local training that is always faster always or not the same that you give the basis to everything that you have to ask for a system to collect the information the manipulated ones the super important transits and for this example the most to see and I am going to be the theory is more or less well how it goes and you have not interrupted me, you have taken it all.

We are going to work if you want to take out the laptops and we are going to see what we are going to do.

They laugh, they laugh over there.

Let’s see, for this example I have made a plugin, here I am not going to.

Well, we also go into detail, here we have the opportunity.

I’ve made a plugin that’s going to connect to WordPress and it’s going to show me through the WordPress profile.

A cool thing that could have this pizzeria that would give me the medals, so I could for example have it on my personal web page and all the medals that I got for the interaction with the community would be shown, but it doesn’t give it.

So, here is the information it gives us.

Let’s see it here, I take more time, an hour.

Hey, have I already eaten a play.


If I love it, I’m going.

This one happens here.

ah okay because this request does not have.

this WordPress request to see if I can get the documentation is that they gave it to me the WordPress API requests are very hidden and here it is yes here it is in user fix up the documentation that I have from WordPress and if you enter REST API Handbook, here are all the requests.

We can for example even pull requests from the plugin.

How many downloads there are, a lot of interesting tidbits.

Well, I download them for a while they took them down and such.

Then here we have the endpoint.

What do you mean the endpoint.

Let me see if I can explain it.

When we have an API request, 100% of the cases we have a base url, which is for example api.


com/laversion because it is important because if you tell us to push the API it can be that you create changes in the API and stop working applications of many users.

So it is a good practice to put /v1/v2 so that the developer has time if you have released a new version of the API gives you time to modify it.

Take care of the developers, we always like to be taken care of.

At least we ask them “Dano versioning” that if you release a version 2 I have time to program it and work on it but v1 still works.

But there it nods and you find it again that it does not.

Here it tells me that I can use the user version and here it says the schema, it’s going to be a documentation that WordPress gives and it says look if you give me the ID, the user ID, the username, look here what it returns I think it is, here is the list user, then it says look you can make a request that is /vpv2user, this is the Warp.

reg, not Warp.

reg but well, it serves me for the example and here I can know the users of a fix you that Warp makes the versioning, here it says v2 then if Warp would make a new request, that is to say, a new request v3 for what of soil does not run out of time, it will put more the v3 because surely the requests are faster, it has more arguments, etcetera evidently a new version is made for something.

Then I in my example that I programmed you here I have here my url that is warpress.


That’s like the base url.

In fact I have saved it here in a constant because it is not going to be modified.

Here you can see that here what I have done is Here I have given the translation and I have made a shortcode Here we were not going to put more little things What I have done is to put a shortcode that is called “webprofile” This code I will leave it in the east so that you can work it It is a single PHP file so that you do not complicate the life in more things I explain the code that I have done this would be web profile and it will execute this function with some attributes the attribute, if I do not want more to remember, here I have to say chiclana was user, user equal to I don’t know what I put “vp profile” and “user davis perez” that is my user then it connects already the API and I will be able to execute it here I put that if you have not put me any that says “davis perez” and then, as this does not need your application, does not need query, does not need anything we do an “upremote” directly to the url and as you see here in the comma there is no argument there is no header, there is nothing then I am saying, get me the url with the shortcode It would be all this URL warprep.

org/vpjson/v1user/davisperes that if we navigate to this URL that I had it over here I’m going to get the json, this is the json While it tells me, set what it gives me, it gives me an ID, which this ID I don’t know what it will be, but I already have an ID here It gives me my name, which is what I put in there, it gives me my URL and it gives me my description, the link, a Slug It gives me the different avatars in different formats, in 24, 48 pixels and 96 pixels it gives me an empty meta and here it says HRF Self and a Collector, that I believe that it is called the same but well, in the documentation it will explain a little more, but well here you see that it is the URL and here it is the.

This JSON is the one that I have to work with, this is what it gives me, here it would be cool to give me the medals that I put here as it is called the medals were batches and then it would give you the medal then we could do in our own that this plugin would be cool for that so that they would have the medals but well it has been already half in a simple plugin but well at least to get and I will show results then of course I am now working with this request I make a remote and here I return a response code and if I get 200 pick me up the information.

Here, perhaps, I should have worked an “iset” so that it does not give me fatal error.

The arrays that do not have a defined “key” here I am correcting myself. Here it tells me if this variable is defined and it is 200 it continues asking for information.

In Key Profile, it takes the information of the body and decodes it.

This already, the Profile is an Array, of the JSON that I saw and an Array.

And we are going to see it now, in a fast one.

Here I put a style, I already tell you, this is that it was a peche peche, it is badly done because the style is usually made in colan and all these histories, but for the example I did not want to get into more files and more in colas.

Then I put here a style here jacodeado, this can not be done, but it should not be done, but I have done it so that it is seen.

And I begin to work with this variable that is the profile that comes to me from the API and I begin to make.

Important to work with “iset”, important, because otherwise you show fatal error in your code.

A very typical one is, “iset”, that is to say, if this array is defined and has value, it is simple, you can make it fast with “empty”.

“Empty” is an “iset” also inside, so if it was not defined it would give you a false, it would go to next so what I tell it is if it is not empty the url goes to avatar that we had seen the giso show me the avatar and here I use the 96 and here the same if it is not empty the profile name then I go showing the information and I go showing it and here I have taken the url and here for example I would also have to say if this is defined so that here for example, Okay, no, sorry, and set, okay, all these keys I have to verify that they exist, because if it does not give me, if for whatever reason the, which is not the case, but you can not be subject to the API gives you one information or another, then you better, hey, since I’m touching this array, let’s check what is defined and then I run it.

Then I do an echo and I do a tar.

Here as it is a short call what I do is a HTML return.

Then this is a simple one, the avatar, the name and the description.

Let’s see the result.

Here I have not worked the transing and we are going to make a transing not to crush the API, then I believe that here it is, we activate the plugin error we activate and what it says is a shortcut and it is supposed to see that it has taken my photo of the avatar, it has taken me the Davis Perez that I have even put the link and the description.

This page, imagine I have it my Davis Perez Gar page, because I want to show my WordPress profile, et cetera, and it starts putting it in.

Then it starts making requests, what I want is this to cache it, so that it doesn’t make API requests.

Then, how would I do it.

Well, with the transit, as we have already seen.

Here I have a tricky tricky that is.

of course here you see that I make a remote that is, ok.

then what I would do is to make a before making the request API cachearlo with the trance and to see that it has an expiration and already I show it, ok.

and if it doesn’t make me a remote that it is, ok.

Then this way vp back, I that I have here an.

so I say, VPOR and the variable, sorry, VPORG, the variable that is user, “vpUser” then, the “transient” I would say “getTransient”, do you see it.

it seems to me that it is not very visible, isn’t it.

you have not complained, eh.

You are quiet, I don’t know if I’m boring you, are you scared.

you are scared, that if I do a “getTransient” of this variable that I have saved in my database and if it does not exist or it gives me a false because the false is provoked if it gets ducado, then it makes this request.

Then what I would do is.

here quickly.

well no.

to see, to do it well what I would have to do is to save the root of the profile, that is to say I would have to cache this then what I would do is.

one of these.


and one of these.

so quickly, ok, then I would really save the profile, which is the array of my user with an expiration of three hours, then every three hours the first following request I would make an API request and I would save it in my cache that is “web org query user” and from here I already start to make checks, I already do the HTML and all that.

Then if it gives some time error, it would show empty.

You always have to be very careful with the theme of the.

I am going to remove the transit.

You have to take care of the issue of fatal errors and all this because we can create tragedies in web pages that stop working and if perhaps it is part of the content does not load the footer and the footers are often the JavaScript, so you can load web pages if you do not work with the Icer, in the Array and Enty when we want to define value.

I don’t know, Spotify has here.

Does it pass Spotify.

The study done in a multitude of documentation.

Look, web, APIs, look.

For example, here I could show with this API the list of my music and I could show it on my web page. This is very interesting, now I just remembered because the software usually have the bad habit of giving you, hey if it includes, for example, a travel booking application and tells you not to make an iframe on my web page web page, but the iframes do not position, they do not save the SEO, then it can be that it stops showing information to Google because the software has not given you the information well then the app and also the SEO shows information of the application in my web page and positions, the iframes do not position, we go of time then that clear the app and also helps the SEO, because it shows you these plans that you later you can use it.

When you don’t have API documentation, can you do something like go through the WSEDS and make a request to show it.

I know of everything, I know of the jungle.

Or there’s no way.

Yeah, yeah, there are times that the API itself, when you put in the URL, it gives you like a request.

There are times when it does.

But the API is ready, isn’t it.

Yes, yes.

Yes, yes.

Is that why you are referring to a list of Mero.

Yes, method, yes, you have to give it to you somehow.

What if they have developed it like that.

What about for the list.

Yes, there was some API that you gave it a parameter and it gave you the.

It came out with an AI, which is pretty much produced, but.

In the end, the bug has been forgotten.

(Orders) (.



) You just make up the URL.

Of course, first you have to speak the URL, otherwise you can’t make it up.

And of course, here for example, here it says “require HTTP”.

I was looking here to see if I could find something.

This one is giving the code to do it through.



Here it gives you here some option, etc.

In the end, the WarpPres ones, for example, here you have.



Well, I do not know how to tell you, let’s try one day to test and if it will let us.

If we put this base.



Look, right here is the example.

Look, I have given him the URL of base, the one of WarpPres.

org and it is giving me, this is version 1 of the API and here it has the endpoints, which are the requests that it can make, it has get, it has get methods ah look, here it is, this is the one that I used, the user Here it has user, so if it makes me request for www.


org/v1, here, if you do this, /vuser, here you will find an argument, you are reading, yes, more or less you understand, right.

Yes, the argument.

Paginated, it happens in the collection page, which is by default one.

Of course, if you tell some user you will not have pagination.

Per page, so that you can manage the pagination.

This is good, because depending on your application, if maybe you are doing .



But the fact that this is not launched by everyone in the ambitions or .



I tell you, it is a jungle I have found software that tells me no no, API, that is API I give you a CSV and you already manage it man, let’s do the same because I, the API I can control it when I want and I can make requests of modified for example, the modified thing you will say that I have done rada, I could give you a modified request in the last hour so you do not have it but it is a lot then that you have to do then that, look for the people then that, look for the life as we all do.

You bring the whole database, you bring with how inefficient it is because the API takes longer, you bring the whole database, the management, I have also made for example intermediate tables, what do I do, to that Hordes for example I do not have the latest FICA, how do I solve it.

Well I have made a custom intermediate table in WordPress that I keep the product ID and a beacon 1 or 0 then I set it all to zero and then what I do is I take all the products I keep them in that table and when I make the request I do it every 5 every 10 and I go through that table and I give it a 1 when I have finished well, a solution if, yes, yes, indeed but is that the modifi.



. no, what I do is to go through it because if it gave me the modifiye I could also save it in another column that was modifiye then I would do .






give me the modifiye but no and that one is super used, I’ve used it a lot but it’s that it finds you everything, so yes, that’s the cerpa Let’s see, if the client, first the client, which is usually the client that uses that software then the client usually pays for those tools, then he says “hey look my developer is telling me that he can’t interact with your API, what’s going on.

” there’s usually more pressure on the one who pays, the one that you’re.



The one that charges, just, in front of people I in fact some time I tell the client to send him an email and me that I love Another thing that usually happens, when you are developing and you write in database You can not do it in production, imagine that you are doing tests, you put a product of etc. And you begin to associate in your database, because you have only asked for a test account From one is group therapy.

Those who have a test account is phenomenal, great because you log in and start writing.

The typical “today I place an order and I want to write it in your application”.

Of course, to do my tests I have to enter your data.

Then you ask for that test account, if they give it to you, if they don’t give it to you, what do you do.

You put a free account, because you do not go plugging an application and if you use it, and it also sounds to be a very expensive application, or well, it depends on it all.

You can make a free trial account, yes, yes, you call the commercial, hey, I have seen that it is interesting in our waters, and you, no, I have developed, my client does use it, but as you do not have a trial account, I have, well, history, I’m going to sing to you.

Then, because these things are little tricks that you are making conformed, you are fighting with the API and then the test accounts are usually for .



. when there is the reading solo that a critic says “no, no, read me my .



.”, you don’t need to, just make a guide and that’s it.

And yes, then it’s whatever you find, it’s a silva.

I mean, my fight last time was with a person who sent me a CSV, I thought that with a CSV what do I do, when do I get it, I don’t even know when I get it, I don’t even know when you have to meet, what time are you going to give it to me.




) Yes (.



) (.



) Yes, yes, yes, yes, there, thing, there group therapy, from now on group therapy, we are going to tell stories, well yes, you find everything, well the best thing is to have your documentation, in fact, let’s see you who have clients and they are telling you things, look I want my WordPress to have information such, let’s see what you use, normally if the client already has a software it already adapts you, but if you do not have software then you go saying look I this has an API with this if you do not mind so and so, then you are seeing a little bit, it also closes a little bit to the client in the sense of hey if the software that you are seeing you are going to hire it, it does not have API, strange things, also the API is a form of factusol, well no, factusol has happy now just the last half that there is in malaga told us that someone had to connect to factusol if you have the database in the cloud, if you have it in local no ah vale, there is a lot of creation and mental change is what comes out if, effectively, another comes to the other and says look what you are asking me happy that’s worth I do not know how much more and well and depending a little is not usually a major account so what I tell you is to find badly formatted Jason or you get it in a stream I once said because I do not catch well the Jason and it was because it was in quotes did a weird thing and you had to format it again before making the JSON code you had to do so, I did a very strange thing then in the end then that’s it, so as a summary mode and you ask me more questions, first documentation, give me documentation that I know how to see what authentication you have, if it is the perfect api, because with an api you get it and take it, save it in a database, perfect, which is by token bieres, well nothing, I do authentication, I take the bieres, I can also save it in a transient token bieres, I see the documentation as soon as the token mirror expires.

The mirror token, what happens, you may calculate a time that does not run, but I do not know if it always runs that time at the same time.

Then you have to make a check in the function that the mirror token is not expired in order to regenerate it.

story you have to find.

I tell them that 80-70% of Api is almost always the ApiKey which is the most comfortable.

Or you have to do more checks.

If the touch gives me clothes then I make another request.

Then take a look at it, in the end we do not have time to see the code that you put, but I say that anything, as you have my web page, ask me without problem.

Then use VPR Mode, let’s see if we are making you the summary, well documented documentation that we can interact, the customer has the power, who pays has the power, so I can ask for documentation, testing account and I will write data I do not write it in the client, I write it when the programming is already finished I review the programming, I start programming and I already started from there by testing, errors and finish the job.

And above all use Abstrance, when you have requests it is always important the Abstrance.

I already say, for the reading of this example that I have made of the pre-fit, I would not put it in production if it was not with a transient because it is that if I do not publish it in the repository and they already say “find me it is going to begin, it generates me that you have a little success and you make a play and it is known a lot” now it begins, you can load a service quickly, of course they have a locking system so that your service remains available to users but of course it would give a bad service because users “hey I’m giving it and it doesn’t work” I don’t know what of course all those little things the transient guarantees that you do your job well.

It is very easy, put an expiration in seconds and you estimate it.

I usually put, as they are every three hours, the first request makes it, because I don’t like it any more.

There is a piece of information that does not change much, that you say, well, it takes time, so you put six hours, one day, it does not matter, and after three days then the transing is not useful for you, transing is for when you continue, you keep asking for it, but no, you say it because of the finances, no, there the transing is not useful for you, it is for when you keep asking for it, but no, you say it because of the finances.

Transing is not useful there, what happens is that you have to keep it in the database or in a transing of that batch of data (man speaking) No, no, that is the way it is.

That is also true.

You are there and transiting does not help you, for example.

Because you are not going to show expired information to the client.

It’s no good for you to give him minutes.

Unless, let’s see, you can put 60 seconds on a transit, nothing happens.

Yes, so that, for example, you are not asking.

Of course, you think that.

That’s why you are thinking, so that you don’t always make the requests, that is, you do it only the first time.

If you have, to say something, a thousand visits, they are not a thousand requests, one by one, they are a thousand visits, that is, a request every minute or whatever.

Yes, yes, you are testing.

Here I have given a little bit of the rules, but from there, the first time we use it.

I’m going to give you the basics, you’re already working on it, okay.

(murmurs) No, you don’t listen to it, it just stays recorded.

I don’t remember the work.

(Laughter) I wanted to ask you how you do the logging or tracing of the actions that you do for if you update in remote database, for example, if you integrate with Holder, you can make the request to buy a service product, is that what you do somehow.

Yes, in Google Comer there is a method that is super cool, that is from Vloz, that is inter, that.

I’m going to teach it.

Deboog Log Ad or something like that was.

Deboogie, look it’s boogie no, this is not what’s there.

There is a method that is log, is that I do not remember, I have worked it, but for Online Stores it would be fine I do not remember if not then I do not remember how we are going to be around here that I go to the code so I do not know that I have recorded everything but that there if you make an online store you can use a method that has Woocommerce that with the object.

Do you remember Peter.

there is an object that WooCommerce has that is vc2.

I think so, I’m speaking from memory, I register it, then you enter a command and maybe it can be the return that gives you the API and when you get an error, then you have a code for the code 200 if you have no code 200, save me the error, then you save that log and then in Google Commer, in status log, there you would find it, it is very easy, it is very good, then depending on, what.

yes yes yes yes for Google Commer yes, yes, sure.

Google Commer has two very interesting things for the API.

It has the Actions Schedule, which is like a library for making requests underneath.

It uses Google Commer Subscricions and all these to make requests.

You looked for a Schedule, it goes very well.

And it has another one that is Debug.

What not, because it can save you.

Most of the times, as they are usually the indications that you put a page of adjustments and you put user of password, it gives to save, because there what I do is to teach, the little window is of warper that makes a warning I put error, it has not been able to authenticate, to be typical more to this then I make an echo and directly I go out bookcommer, usc.

deboot, that is lojo or something like that and the name, I have already put the name that I have missed when you make an API request usually returns the error gives you a code and gives you the message because you just save in the log and that’s it, then if something has happened, you go to the log and you see that you did not have this and you want to have, then you can make a customized ombra and I am saving the log and then in the application I put a configuration and I put a page of everything but if there is Google comers you already have the method already all done, you do not have to put more, simply a line and already it is “WC_GYUN_LOGGER” and there you have methods like alert, for alert, clear, to clean, critical, to show critis.



It is an app more rare already is, no, do not be critical, lest it is a functioning of .



Yes, it’s really cool that you can save it, it saves it.

I do like to put it directly and it saves it that way.

One more tip.

Yes, it is.

No, you don’t.

Well, you have me over here.

If you have any questions of your own, let me know.

Thank you very much.

[applause] [beep] [beep] [music] [music] [music].

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.