June 28, 2021 — Over the past years, APIs have grown to be the engine of the web, with OAuth 2.0 being the standard for enabling secure cross-platform connections to such APIs on behalf of a user. However, setting up OAuth requires extensive technical knowledge of the protocol and the platform. For a distributed ecosystem such as WordPress these are hurdles almost impossible to overcome.
This talk explains how we solved this problem for the Site Kit plugin and various Google APIs. It explores alternate approaches to enable a secure, seamless, and scalable connection between a WordPress site and third-party services to access user data in a way that can be leveraged by other plugins and services as well.