Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Grabbing user JSON data without being logged in
I'm currently in the process of highly integrating WordPress and Vanilla, and I would like to display some information from Vanilla on my WordPress site. Mainly, profile info, notifications, messages, and badges. I planned on using JSON to grab this data, but quickly ran into some issues.
https://mysite.com/community/profile.json/username <-- Publicly accessible
https://mysite.com/community/messages.json/inbox <-- Only accessible through that user's login session
I'm wondering if there is a way to securely grab the data that is typically only accessible by the current logged in user. Something like:
You would need to use an API plugin (recommended), or use an SSO token (very complex).
We'll be supporting this sort of thing natively by the end of 2017 (probably Vanilla 2.5).
Well if they are are logged in simply
no need for additional security. You wouldn't display this information if they weren't logged in anyway. You can use as SSO solution like jsConnect.
grep is your friend.
I was thinking the same thing, but then I decided that I also want to submit data to Vanilla. I'm going to try the API 0.4.0 plugin and see if it suits my needs. If not, then doing it through jsConnect is a good alternative.
Thanks for the replies guys!