DOCUMENTATION

Documentation

WPMissionControl Integration

WPMissionControl Integration

The plugin can share behavior data with the WPMissionControl Dashboard through protected REST endpoints. API key discovery is implemented in includes/integration-key.php, and behavior endpoints are implemented in includes/integration-api.php.

API key sources

  1. The plugin first checks wpmc_options['api_key'] from the WPMissionControl plugin settings.
  2. Developers can add candidates through wpmc_behavior_heatmap_shared_api_key_candidates.
  3. Developers can provide a single key through wpmc_behavior_heatmap_shared_api_key.
  4. If no automatic key is found, the manual fallback option wpmc_bhm_manual_api_key can be used.

Accepted authentication formats

  • Authorization: Bearer <key>
  • AuthenticationToken: <key>
  • X-WPMC-Token: <key>
  • X-WPMC-API-Key: <key>

Permissions

A request is allowed when the current WordPress user has manage_options or when the supplied token matches an accepted API key. Developers can override token validation with wpmc_behavior_heatmap_validate_api_key or accepted keys with wpmc_behavior_heatmap_expected_api_keys.

Settings UI status

The Settings page displays whether an automatic API key was detected, whether a manual fallback exists, the masked key, the key source, and whether the WPMissionControl plugin was detected by file name, class, or constant.