{"id":7011,"date":"2025-04-03T10:37:42","date_gmt":"2025-04-03T01:37:42","guid":{"rendered":"https:\/\/cooss.net\/using-wordpress-application-passwords-rest-api-en\/"},"modified":"2025-04-03T10:37:42","modified_gmt":"2025-04-03T01:37:42","slug":"using-wordpress-application-passwords-rest-api-en","status":"publish","type":"post","link":"https:\/\/cooss.net\/en\/using-wordpress-application-passwords-rest-api-en\/","title":{"rendered":"Using WordPress Application Passwords (REST API)"},"content":{"rendered":"\n

In the WordPress menu, if you look at the ‘Users > Profile<\/strong>‘ page, there is an item called ‘Application Passwords<\/strong>‘.<\/p>\n\n\n\n

When a specific user needs to access WordPress through an external program to write or edit posts, the purpose is to create an authentication system that requires verifying a password set in advance. I thought I wouldn’t have a use for it, but recently, while studying ‘automation of work’, I found a need to use it. I will summarize how to use WordPress application passwords by calling it in the Make.com automation process as an example.<\/p>\n\n\n\n

Password Generation<\/h3>\n\n\n\n

Define a name for identification and click the ‘Add New Application Password’ button.<\/p>\n\n\n\n

\"WordPress<\/figure>\n\n\n\n
<\/div>\n\n\n\n

Then, the password will be displayed as shown below. This password is displayed only once, and there is no way to confirm it afterward, so you must copy it somewhere before proceeding to the next step.<\/p>\n\n\n\n

\"WordPress<\/figure>\n\n\n\n
<\/div>\n\n\n\n

You can only see the creation date as shown below, and the list will be displayed in a form where you can only discard it.<\/p>\n\n\n\n

\"WordPress<\/figure>\n\n\n\n
<\/div>\n\n\n\n

BASE64 Encoding<\/h3>\n\n\n\n

Now, encode the string that connects the username and the generated password. If the user ID at the time of password creation is ‘admin’ and the password is ‘abcd efgh ijkl mnop’, you should encode the string below.<\/p>\n\n\n\n

admin:abcd efgh ijkl mnop<\/code><\/pre>\n\n\n\n
It seems you need to know a bit of programming to encode, but if you request ChatGPT as below, it will do it for you right away.<\/p>\n\n\n\n
Please base64 encode the following.\nadmin:abcd efgh ijkl mnop<\/code><\/pre>\n\n\n\n
The encoded string will be displayed in the form below.<\/p>\n\n\n\n
YWRtaW46YWJjZCBlZmdoIGlqa2wgbW5vcA==<\/code><\/pre>\n\n\n\n
Utilization of Password (Encoded String)<\/h3>\n\n\n\n
In my case, I needed it to call WordPress via the HTTP module on Make.com<\/a> to create a post.<\/p>\n\n\n
\n
\"Automation<\/a><\/figure>\n<\/div>\n\n\n
<\/div>\n\n\n\n
Although there is a separate module prepared for writing and editing WordPress posts in the Make<\/a> modules, if you want to input other values (e.g., Custom Taxonomy) that are not provided as default items such as title\/content\/category\/post meta, you can also use the method of calling WordPress’s API through the HTTP module to instruct the necessary tasks.<\/p>\n\n\n\n
The image below captures part of the screen where I want to modify the Custom Taxonomy of an existing post. By recording “Authorization: Basic encoded password” in the header section, you will pass the pre-authorized password when calling the WordPress API.<\/p>\n\n\n\n
Of course, there are other methods besides Basic authentication, but this should suffice for my purposes.<\/p>\n\n\n
\n
\"\"<\/figure>\n<\/div>\n\n\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
In the WordPress menu, if you look at the ‘Users > Profile‘ page, there is an item called ‘Application Passwords‘. When a specific user needs to access WordPress through an external program to write or edit posts, the purpose is to create an authentication system that requires verifying a password set in advance. I thought […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[159,86],"tags":[],"class_list":["post-7011","post","type-post","status-publish","format-standard","hentry","category-marketing-automation-en","category-wordpress-en"],"_links":{"self":[{"href":"https:\/\/cooss.net\/en\/wp-json\/wp\/v2\/posts\/7011","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cooss.net\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cooss.net\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cooss.net\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cooss.net\/en\/wp-json\/wp\/v2\/comments?post=7011"}],"version-history":[{"count":0,"href":"https:\/\/cooss.net\/en\/wp-json\/wp\/v2\/posts\/7011\/revisions"}],"wp:attachment":[{"href":"https:\/\/cooss.net\/en\/wp-json\/wp\/v2\/media?parent=7011"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cooss.net\/en\/wp-json\/wp\/v2\/categories?post=7011"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cooss.net\/en\/wp-json\/wp\/v2\/tags?post=7011"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}