• docjoe

    (@docjoe)


    First, this review not only mentioned not the API authentical module but this vendor’s CustomAPI module, as the two were purchased to go hand-in-hand.
    We purchased the MiniOrange modules to allow us to do very deep integration between WordPress (which provides three levels of client access to our database of research) and our CRM. Basically, we need to fully automated the client lifecycle based on research access contracts, alumni, level of client, etc. This means our CRM must interrogate not just the basic WP APIs but also a bunch of custom APIs and do so in a highly secure way. We do take care not to pass the bare minimum of personal information, but even so, security is top of mind. We also have APIs that are tied into our publishing and tracking services, analytics, custom AI power search and auto-classification, and a few other things.
    We selected the MiniOrange custom API model first, then saw that they also had this authentication tool, so it made sense to get them together.
    I’ve found the API authentication tool to be excellent. It gives up multiple ways to secure APIs – with oAuth being to strongest.
    The service also allows user-level keys to set up a least-privileged access approach to the WP data. This is extremely useful and a best practice for security.
    My only issue with this module is the onboarding and licensing after purchase. The vendor’s portal is not very clear. But the customer service team responded quickly (within 20min) and was very helpful. We also had a strange situation where the module’s settings were messed up. It was almost certainly a website admin error, but it did take a few hours to find out the problem and fix it, during which time our staff were unable to perform some critical customer service tasks. But in a way, that was a good thing. I’d rather those sensitive API services be blocked by default than leave APIs open for attack. The security-block fall-back position to the glitch was the right option.
    If you are using WP or customer APIs – get this module.

  • The topic ‘Excellent – essential – module, slighly marred by onboarding process’ is closed to new replies.