WPMissionControl Integration
WPMissionControl Integration
The plugin can share behavior data with the WPMissionControl Dashboard through protected REST endpoints.
API key discovery is implemented in includes/integration-key.php, and behavior endpoints are implemented in
includes/integration-api.php.
API key sources
- The plugin first checks
wpmc_options['api_key']from the WPMissionControl plugin settings. - Developers can add candidates through
wpmc_behavior_heatmap_shared_api_key_candidates. - Developers can provide a single key through
wpmc_behavior_heatmap_shared_api_key. - If no automatic key is found, the manual fallback option
wpmc_bhm_manual_api_keycan be used.
Accepted authentication formats
Authorization: Bearer <key>AuthenticationToken: <key>X-WPMC-Token: <key>X-WPMC-API-Key: <key>
Permissions
A request is allowed when the current WordPress user has manage_options or when the supplied token matches an accepted API key.
Developers can override token validation with wpmc_behavior_heatmap_validate_api_key or accepted keys with
wpmc_behavior_heatmap_expected_api_keys.
Settings UI status
The Settings page displays whether an automatic API key was detected, whether a manual fallback exists, the masked key, the key source, and whether the WPMissionControl plugin was detected by file name, class, or constant.
