Title: Development – Using jetpack authentication to access the WordPress.com API? Last modified: December 9, 2017 --- # Development – Using jetpack authentication to access the WordPress.com API? * Resolved [TravisR](https://wordpress.org/support/users/travisr/) * (@travisr) * [8 years, 5 months ago](https://wordpress.org/support/topic/development-using-jetpack-authentication-to-access-the-wordpress-com-api/) * The high level view is that I’m ultimately interested in getting to a WordPress plugin that provides something like the “Blogs I follow” and “Posts I like” widgets that are available on WordPress.com. In looking into this, I found that the relevant data is available via the REST API ([here](https://developer.wordpress.com/docs/api/1.1/get/read/following/mine/) and [here](https://developer.wordpress.com/docs/api/1.1/get/read/liked/)), but it isn’t clear how one can build a WordPress site plugin that manages the authentication needed to access the API. However, Jetpack is doing something like this, so I’m hoping you can provide insight into how we build plugins that can either (a) use the authentication link that Jetpack already has, or (b) replicate the authentication link that Jetpack has. Thanks. Viewing 7 replies - 1 through 7 (of 7 total) * Plugin Contributor [Stef (a11n)](https://wordpress.org/support/users/erania-pinnera/) * (@erania-pinnera) * [8 years, 5 months ago](https://wordpress.org/support/topic/development-using-jetpack-authentication-to-access-the-wordpress-com-api/#post-9771046) * Hi [@travisr](https://wordpress.org/support/users/travisr/)! * You’re welcome to build your own system. In order to do that you can follow the directions listed here: * [https://developer.wordpress.com/docs/oauth2/](https://developer.wordpress.com/docs/oauth2/) * This will help you authenticate. As it will be in a WordPress plugin, you can use functions such as `wp_remote_get` to get data from different endpoints. * If Jetpack is already installed on the site, you can bypass all that and let Jetpack handle the authentication. In fact, Jetpack includes a function named` wpcom_json_api_request_as_blog` you can leverage to make API requests. * This function basically takes care of everything, so you only need to specify API endpoints and parameters 🙂 You could look at the following link to see how we use it in Jetpack. It will give you an idea of how it can be used: * [https://github.com/Automattic/jetpack/blob/5.6/modules/videopress/class.videopress-edit-attachment.php#L117](https://github.com/Automattic/jetpack/blob/5.6/modules/videopress/class.videopress-edit-attachment.php#L117) * This is an example of how the function can be used: * [https://github.com/Automattic/jetpack/blob/5.6/class.jetpack-client.php#L270-L280](https://github.com/Automattic/jetpack/blob/5.6/class.jetpack-client.php#L270-L280) * Hope that helps! You should be able to figure everything out from here, but if you have any further questions, don’t hesitate to ask 🙂 * Thread Starter [TravisR](https://wordpress.org/support/users/travisr/) * (@travisr) * [8 years, 5 months ago](https://wordpress.org/support/topic/development-using-jetpack-authentication-to-access-the-wordpress-com-api/#post-9773020) * Thanks Stefanie! wpcom_json_api_request_as_blog looks like it’s exactly what I wanted, but my first attempt to use it has failed. I built a simple plugin, ran it on my Jetpack connected blog, and received a 403 response: `{"error":" unauthorized","message":"That API call is not allowed for this account."}` * The calling code is just `Jetpack_Client::wpcom_json_api_request_as_blog('read/ following/mine')` and the response indicates that the query was properly sent to [https://public-api.wordpress.com/rest/v1.1/read/following/mine](https://public-api.wordpress.com/rest/v1.1/read/following/mine) * Is the Jetpack authentication constrained to accessing a subset of the full REST API, or have I missed a step, or done something wrong? Thanks. * Thread Starter [TravisR](https://wordpress.org/support/users/travisr/) * (@travisr) * [8 years, 5 months ago](https://wordpress.org/support/topic/development-using-jetpack-authentication-to-access-the-wordpress-com-api/#post-9773385) * I followed the Jetpack code a bit and found that `wpcom_json_api_request_as_blog` calls `Jetpack_Client::remote_request` without a user_id argument, which causes the request to use the ‘blog token’, via `Jetpack_Data::get_access_token`. Thinking that this might be the issue with trying to access user-centric REST API endpoints, I added a ‘user_id’ argument – via `Jetpack_Options::get_option('master_user')`– but unfortunately received the same result. I can verify that there are separate tokens available for the master user and the blog, but neither appear to allow me access to the `read/following/mine` or `read/liked` endpoints. Not sure where to look next, so any further tips would be appreciated. Thanks. * Thread Starter [TravisR](https://wordpress.org/support/users/travisr/) * (@travisr) * [8 years, 5 months ago](https://wordpress.org/support/topic/development-using-jetpack-authentication-to-access-the-wordpress-com-api/#post-9773396) * Noticed that `wpcom_json_api_request_as_blog` was filtering out my ‘user_id’ argument. After tweaking the Jetpack code to allow this argument to pass through, I was able to get a successful response from the `read/following/mine` endpoint, but it was empty. The `read/liked` endpoint gave me a different 403 response: `{" error":"authorization_required","message":"An active access token must be used to query information about the current user."}` * I’m beginning to think that the authentication I need for these endpoints isn’t available via the tokens managed by Jetpack? * Plugin Contributor [Stef (a11n)](https://wordpress.org/support/users/erania-pinnera/) * (@erania-pinnera) * [8 years, 5 months ago](https://wordpress.org/support/topic/development-using-jetpack-authentication-to-access-the-wordpress-com-api/#post-9774944) * > Is the Jetpack authentication constrained to accessing a subset of the full > REST API * Yes, that is correct. * If your need access to a specific route while using Jetpack’s `wpcom_json_api_request_as_blog` function, you should open an issue in the Jetpack repo, and we’ll see if we can help you with that: * [https://github.com/Automattic/jetpack](https://github.com/Automattic/jetpack) * Thread Starter [TravisR](https://wordpress.org/support/users/travisr/) * (@travisr) * [8 years, 5 months ago](https://wordpress.org/support/topic/development-using-jetpack-authentication-to-access-the-wordpress-com-api/#post-9776276) * [New issue](https://github.com/Automattic/jetpack/issues/8347) created on Github. * Plugin Contributor [Stef (a11n)](https://wordpress.org/support/users/erania-pinnera/) * (@erania-pinnera) * [8 years, 5 months ago](https://wordpress.org/support/topic/development-using-jetpack-authentication-to-access-the-wordpress-com-api/#post-9778692) * Brilliant! Viewing 7 replies - 1 through 7 (of 7 total) The topic ‘Development – Using jetpack authentication to access the WordPress.com API?’ is closed to new replies. * ![](https://ps.w.org/jetpack/assets/icon.svg?rev=2819237) * [Jetpack - WP Security, Backup, Speed, & Growth](https://wordpress.org/plugins/jetpack/) * [Frequently Asked Questions](https://wordpress.org/plugins/jetpack/#faq) * [Support Threads](https://wordpress.org/support/plugin/jetpack/) * [Active Topics](https://wordpress.org/support/plugin/jetpack/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/jetpack/unresolved/) * [Reviews](https://wordpress.org/support/plugin/jetpack/reviews/) ## Tags * [api](https://wordpress.org/support/topic-tag/api/) * [authentication](https://wordpress.org/support/topic-tag/authentication/) * 7 replies * 2 participants * Last reply from: [Stef (a11n)](https://wordpress.org/support/users/erania-pinnera/) * Last activity: [8 years, 5 months ago](https://wordpress.org/support/topic/development-using-jetpack-authentication-to-access-the-wordpress-com-api/#post-9778692) * Status: resolved