How to safely create WordPress accounts through automation when customers make purchases

I’m trying to set up an automated system that creates WordPress user accounts whenever someone buys my product. The setup involves connecting my sales platform to WordPress, but I’m worried about security.

I found a WordPress plugin that lets you create users through API calls like this:

https://mysite.com/api/create_user/?name={{buyer_email}}&email={{buyer_email}}&token=xyz123

The problem is that anyone can visit mysite.com/api/get_token/?controller=user&method=create and grab the security token they need to create accounts.

I can pull the customer email from my sales platform and insert it into the API call. But how do I make this secure so random people can’t create fake accounts on my site?

Is there a better way to handle this kind of automation? Maybe something that doesn’t require exposing public endpoints?

That plugin sounds sketchy as hell. Just use Zapier or make.com instead - they’ve got WordPress integrations built in and you won’t have to expose your tokens publicly. I’ve been using Zapier for this kind of stuff and it works great without all the security headaches you’re dealing with.

That exposed token approach is a security nightmare waiting to happen. I dealt with something similar last year and ended up with a two-step verification process that worked way better. Instead of direct API calls, I created a webhook endpoint that validates incoming requests against a shared secret between my sales platform and WordPress. The webhook generates temporary tokens that expire within minutes, so even if someone intercepts them they’re useless quickly. Another thing I learned the hard way - always validate the purchase data on the WordPress side too. Don’t trust what’s coming from the sales platform. Cross-reference order IDs and customer details to prevent fraudulent account creation attempts.
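
Added example, not part of any reply in this thread: the shared-secret webhook check described in the answer above, with the sender's signing step and the receiver's verification side by side. It is written in Python to show the logic (a WordPress handler would apply the same steps in PHP); the secret, the `order_id` and `email` field names, the five-minute window and the in-memory replay set are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import time

# Constructed demo values; a real secret lives in server-side config only.
SHARED_SECRET = b"constructed-demo-secret"
MAX_SKEW_SECONDS = 300   # signed requests expire after five minutes
seen_order_ids = set()   # stand-in for a persistent table of processed orders


def sign(body: bytes, timestamp: int, secret: bytes = SHARED_SECRET) -> str:
    """Sales-platform side: HMAC-SHA256 over b"<timestamp>.<body>"."""
    message = str(timestamp).encode() + b"." + body
    return hmac.new(secret, message, hashlib.sha256).hexdigest()


def verify_webhook(body: bytes, timestamp: str, signature: str, now=None):
    """Site side: return (True, email) or (False, reason)."""
    now = int(time.time()) if now is None else now
    try:
        ts = int(timestamp)
    except ValueError:
        return False, "bad timestamp"
    if abs(now - ts) > MAX_SKEW_SECONDS:
        return False, "stale request"
    # Constant-time comparison, done before the body is parsed or trusted.
    if not hmac.compare_digest(sign(body, ts).encode(), signature.encode()):
        return False, "bad signature"
    try:
        order = json.loads(body)
        order_id, email = str(order["order_id"]), str(order["email"])
    except (ValueError, KeyError, TypeError):
        return False, "malformed payload"
    if order_id in seen_order_ids:
        return False, "replayed order"
    seen_order_ids.add(order_id)
    # A real handler would also look the order up with the sales platform here.
    return True, email


if __name__ == "__main__":
    body = json.dumps({"order_id": "A-1001", "email": "buyer@example.com"}).encode()
    ts = int(time.time())
    print(verify_webhook(body, str(ts), sign(body, ts)))   # accepted
    print(verify_webhook(body, str(ts), sign(body, ts)))   # same order again
    print(verify_webhook(body, str(ts), "0" * 64))         # no valid signature
```

Because the timestamp is part of the signed message, a captured request stops verifying once the window has passed, and the processed-order set rejects a resend inside the window.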

You’re right to worry about token exposure - it leaves your site wide open for unauthorized signups. I ran into this same problem when automating user registrations. Instead of public endpoints, I switched to application passwords with proper WordPress REST API auth. Way more secure. I also set up webhooks from the sales platform so only my system can trigger new accounts. If you want extra protection, throw in some IP whitelisting too.