Contesimal Connector

Contesimal Connector adds REST API endpoints to your WordPress site, allowing external applications to create and manage content using an API key.

Requests are made to your site’s /wp-json/contesimal/v1/ endpoints. The plugin does not send any data externally on its own.

External services and privacy

• Service: Designed to work with Contesimal (https://contesimal.ai), but compatible with any client using your API key.
• Data received: Post title, content (HTML), excerpt, status, categories, tags, post type, author ID, and media URLs.
• Media handling: Your WordPress site may download remote files from provided URLs to create Media Library attachments.
• When: Only when a valid API request is sent to your site. No background communication occurs.
• Control: External access is enabled only if you share the API key. You can regenerate the key or deactivate the plugin at any time.
• Consent: By enabling the plugin and sharing the API key, the site administrator allows external applications to submit content.

Authentication

All endpoints require an API key sent in the X-API-Key header (or Authorization: Bearer).

The key is:
– Generated on your site
– Stored as a secure hash
– Managed by administrators only

Requests without a valid key are rejected (401). Rate limiting is applied per IP.

API keys should be treated as sensitive credentials and only shared with trusted systems.

Features

• API key authentication (hashed storage)
• Create posts via REST API
• List categories and post types
• Media import from external URLs
• Rate limiting (per IP)
• Configurable CORS
• Optional request logging (admin only)

REST endpoints (base: /wp-json/contesimal/v1)

• GET /ping – Health check
• GET /categories – List categories
• GET /post-types – List public post types
• POST /publish – Create post
• POST /media/import – Import media from URLs

An admin notice is shown when API access is enabled, indicating that external publishing is active.

REST API Reference

All endpoints require: X-API-Key: your_api_key

GET /wp-json/contesimal/v1/ping

Returns plugin status.

Response:
{ “status”: “ok”, “plugin”: “contesimal-connector”, “version”: “1.0.0” }

GET /wp-json/contesimal/v1/categories

Returns category list.

GET /wp-json/contesimal/v1/post-types

Returns public post types.

POST /wp-json/contesimal/v1/publish

Creates a post.

Headers:
Content-Type: application/json
X-API-Key: your_api_key

Body:

Field
Type
Required
Description

title
string
Yes
Post title

content
string
Yes
HTML content

status
string
No
publish, draft, pending, private

excerpt
string
No
Post excerpt

post_type
string
No
Default: post

category_ids
array
No
Category IDs

tags
array
No
Tag names

featured_image_url
string
No
Image URL

author_id
integer
No
Default: 1

Responses:
– 200 Success
– 400 Bad request
– 401 Invalid API key
– 429 Rate limit exceeded
– 500 Server error