WordPress connector
A WordPress plugin that maps your posts, pages, and WooCommerce products to bAInquet IngestItems, signs every request with the connector HMAC scheme, and POSTs idempotent batches.
The plugin is bAInquet Connector, v1.0.0, under connectors/wordpress/bainquet-connector. It requires WordPress 5.8 or later and PHP 7.4 or later, and sends X-Connector-Type: wordpress.
What it maps
| WordPress content | IngestItem type | Notes |
|---|---|---|
| Post | post | Rendered content into html; SEO meta into json.seo. |
| Page | page | Same field set as posts. |
| WooCommerce product | product | Typed price { value, unit, currency }, SKU, stock, attributes, categories, tags, variations. |
- SEO meta. Yoast (
_yoast_wpseo_*) and RankMath (rank_math_*) title, description, canonical, and focus keyword map into the item'sjson.seobag. An SEO-declared canonical becomes the itemcanonical_url. - Language. Detected via Polylang or WPML when active, otherwise the site locale, normalized to BCP-47.
- Checksums. Each item carries a deterministic
sha256:checksum, so an unchanged item produces an unchanged checksum and the server returnsskipped.
Custom post types
Custom post types currently map to the post source type. Per-CPT mapping and ACF, FAQ, and LocalBusiness extractors are planned. Planned
Install
Upload the plugin zip via Plugins, Add New, Upload Plugin, or copy the bainquet-connector folder into wp-content/plugins/. Then activate bAInquet Connector from the Plugins screen.
Configure
Go to Settings, bAInquet and set these options.
| Setting (option key) | Default | Meaning |
|---|---|---|
bainquet_connector_api_base | https://api.bainquet.online/v1/ingest | Ingestion base URL |
bainquet_connector_token | (none) | The connectorId.secret from the dashboard, shown once |
bainquet_connector_website_id | (none) | The website id the token is scoped to |
bainquet_connector_site_domain | site host | Sent as X-Site-Domain |
After saving:
- Click Test connection to send a heartbeat to the API.
- Click Sync all content now to backfill existing posts, pages, and products.
TIP
The connector token is shown only once when you issue it in the dashboard. Copy it immediately. If it leaks, rotate it from the dashboard and update this setting.
How incremental sync works
The plugin wires WordPress hooks so changes sync without a manual step.
- Upsert. On
save_postandwoocommerce_update_product, the changed item is mapped and POSTed toPOST /v1/ingest/item. - Tombstone. On
wp_trash_post,before_delete_post, andwoocommerce_delete_product, a tombstone is POSTed toPOST /v1/ingest/deletewith the item's stable id, so the public node drops it.
How backfill works
Sync all content now schedules a WP-Cron job that maps and batch-POSTs content in chunks of 50 items per tick to POST /v1/ingest/batch. The chunking stays under the payload cap and avoids PHP request timeouts.
Out of scope
- Single-item upserts are sent synchronously on the hook. A persistent outbox with debounce, coalesce, and bounded retry is a later-phase enhancement. Planned
- Per-custom-post-type mapping and ACF, FAQ, and LocalBusiness extractors. Planned
Uninstall
Deleting the plugin removes all bainquet_connector_* options (including the stored token) and clears the scheduled backfill cron events.
HMAC signing
Every request is signed exactly as the server verifies it, using the shared bq.connector.hmac.v1 scheme:
signingKey = HKDF-SHA256(secret, salt = websiteId, info = "bq.connector.hmac.v1", 32 bytes)
canonical = METHOD \n path \n sha256(body) \n timestamp \n nonce \n websiteId
X-Signature = hex HMAC-SHA256(signingKey, canonical)Headers sent: Authorization: Bearer <token>, X-Site-Domain, X-Connector-Type: wordpress, X-Connector-Version, X-Signature, X-Timestamp, X-Nonce, X-Body-Sha256, and Idempotency-Key. Retries on 5xx and 429 reuse the same Idempotency-Key with a fresh nonce and timestamp.
The signing is parity-tested: the plugin's HMAC output is byte-identical to the canonical scheme and proven server-compatible against the real ingestion API. Full hook, cron, and WooCommerce behavior still requires a live WordPress install to validate. The full scheme is documented in Ingestion and signing.